
Test ID: 1.3.6.1.4.1.25623.1.0.69527
Category: Fedora Local Security Checks
Title: Fedora Core 13 FEDORA-2011-5343 (krb5)
Summary: NOSUMMARY
Description:
The remote host is missing an update to krb5
announced via advisory FEDORA-2011-5343.

Update Information:

This update incorporates the upstream patches to fix an attempt to free an invalid pointer in kadmind (MITKRB5-SA-2011-004).

References:

[ 1 ] Bug #696343 - CVE-2011-0285 krb5: kadmind invalid pointer free() (MITKRB5-SA-004) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=696343

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update krb5' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2011-5343

Risk factor: Critical

CVSS Score: 10.0

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2011-0285
BugTraq ID: 47310
http://www.securityfocus.com/bid/47310
Bugtraq: 20110413 MITKRB5-SA-2011-004 kadmind invalid pointer free() [CVE-2011-0285]
http://www.securityfocus.com/archive/1/517484/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058181.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:077
http://osvdb.org/71789
http://www.redhat.com/support/errata/RHSA-2011-0447.html
http://www.securitytracker.com/id?1025320
http://secunia.com/advisories/44125
http://secunia.com/advisories/44181
http://secunia.com/advisories/44196
http://securityreason.com/securityalert/8200
SuSE Security Announcement: openSUSE-SU-2011:0348
https://hermes.opensuse.org/messages/8086843
http://www.vupen.com/english/advisories/2011/0936
http://www.vupen.com/english/advisories/2011/0986
http://www.vupen.com/english/advisories/2011/0997
Common Vulnerability Exposure (CVE) ID: CVE-2011-0284
BugTraq ID: 46881
http://www.securityfocus.com/bid/46881
Bugtraq: 20110315 MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled
http://www.securityfocus.com/archive/1/517029/100/0/threaded
CERT/CC vulnerability note: VU#943220
http://www.kb.cert.org/vuls/id/943220
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056579.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056573.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056413.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:048
http://osvdb.org/71183
http://www.redhat.com/support/errata/RHSA-2011-0356.html
http://securitytracker.com/id?1025216
http://secunia.com/advisories/43700
http://secunia.com/advisories/43760
http://secunia.com/advisories/43783
http://secunia.com/advisories/43881
SuSE Security Announcement: SUSE-SR:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://www.ubuntu.com/usn/USN-1088-1
http://www.vupen.com/english/advisories/2011/0672
http://www.vupen.com/english/advisories/2011/0673
http://www.vupen.com/english/advisories/2011/0680
http://www.vupen.com/english/advisories/2011/0722
http://www.vupen.com/english/advisories/2011/0763
XForce ISS Database: kerberos-perpareerroras-code-execution(66101)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66101
Common Vulnerability Exposure (CVE) ID: CVE-2010-4022
BugTraq ID: 46269
http://www.securityfocus.com/bid/46269
Bugtraq: 20110208 MITKRB5-SA-2011-001 kpropd denial of service [CVE-2010-4022]
http://www.securityfocus.com/archive/1/516286/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2011:025
http://www.redhat.com/support/errata/RHSA-2011-0200.html
http://www.securitytracker.com/id?1025035
http://secunia.com/advisories/43260
http://secunia.com/advisories/43275
http://securityreason.com/securityalert/8070
SuSE Security Announcement: SUSE-SR:2011:004
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
http://www.vupen.com/english/advisories/2011/0329
http://www.vupen.com/english/advisories/2011/0333
http://www.vupen.com/english/advisories/2011/0347
http://www.vupen.com/english/advisories/2011/0464
Common Vulnerability Exposure (CVE) ID: CVE-2011-0281
BugTraq ID: 46265
http://www.securityfocus.com/bid/46265
Bugtraq: 20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
http://www.securityfocus.com/archive/1/516299/100/0/threaded
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2011:024
http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html
http://www.redhat.com/support/errata/RHSA-2011-0199.html
http://www.securitytracker.com/id?1025037
http://secunia.com/advisories/43273
http://secunia.com/advisories/46397
http://securityreason.com/securityalert/8073
http://www.vupen.com/english/advisories/2011/0330
XForce ISS Database: kerberos-ldap-descriptor-dos(65324)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65324
Common Vulnerability Exposure (CVE) ID: CVE-2011-0282
BugTraq ID: 46271
http://www.securityfocus.com/bid/46271
XForce ISS Database: kerberos-ldap-dos(65323)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65323
Common Vulnerability Exposure (CVE) ID: CVE-2010-1323
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
BugTraq ID: 45118
http://www.securityfocus.com/bid/45118
Bugtraq: 20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]
http://www.securityfocus.com/archive/1/514953/100/0/threaded
Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
http://www.securityfocus.com/archive/1/517739/100/0/threaded
Debian Security Information: DSA-2129
http://www.debian.org/security/2010/dsa-2129
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html
HPdes Security Advisory: HPSBOV02682
http://marc.info/?l=bugtraq&m=130497213107107&w=2
HPdes Security Advisory: HPSBUX02623
http://marc.info/?l=bugtraq&m=129562442714657&w=2
HPdes Security Advisory: SSRT100355
HPdes Security Advisory: SSRT100495
http://www.mandriva.com/security/advisories?name=MDVSA-2010:245
http://www.mandriva.com/security/advisories?name=MDVSA-2010:246
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
http://osvdb.org/69610
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121
http://www.redhat.com/support/errata/RHSA-2010-0925.html
http://www.redhat.com/support/errata/RHSA-2010-0926.html
http://www.securitytracker.com/id?1024803
http://secunia.com/advisories/42399
http://secunia.com/advisories/42420
http://secunia.com/advisories/42436
http://secunia.com/advisories/43015
SuSE Security Announcement: SUSE-SR:2010:023
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
SuSE Security Announcement: SUSE-SR:2010:024
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
SuSE Security Announcement: SUSE-SU-2012:0010
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html
SuSE Security Announcement: SUSE-SU-2012:0042
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html
http://www.ubuntu.com/usn/USN-1030-1
http://www.vupen.com/english/advisories/2010/3094
http://www.vupen.com/english/advisories/2010/3095
http://www.vupen.com/english/advisories/2010/3101
http://www.vupen.com/english/advisories/2010/3118
http://www.vupen.com/english/advisories/2011/0187
Common Vulnerability Exposure (CVE) ID: CVE-2010-1324
BugTraq ID: 45116
http://www.securityfocus.com/bid/45116
http://osvdb.org/69609
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936
Common Vulnerability Exposure (CVE) ID: CVE-2010-1321
BugTraq ID: 40235
http://www.securityfocus.com/bid/40235
Bugtraq: 20100518 MITKRB5-SA-2010-005 [CVE-2010-1321] GSS-API lib null pointer deref
http://www.securityfocus.com/archive/1/511331/100/0/threaded
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Cert/CC Advisory: TA10-287A
http://www.us-cert.gov/cas/techalerts/TA10-287A.html
Cert/CC Advisory: TA11-201A
http://www.us-cert.gov/cas/techalerts/TA11-201A.html
Debian Security Information: DSA-2052
http://www.debian.org/security/2010/dsa-2052
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html
HPdes Security Advisory: HPSBMU02799
http://marc.info/?l=bugtraq&m=134254866602253&w=2
HPdes Security Advisory: HPSBUX02544
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
HPdes Security Advisory: SSRT100107
http://www.mandriva.com/security/advisories?name=MDVSA-2010:100
http://osvdb.org/64744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11604
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7198
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7450
http://www.redhat.com/support/errata/RHSA-2010-0423.html
http://www.redhat.com/support/errata/RHSA-2010-0770.html
http://www.redhat.com/support/errata/RHSA-2010-0807.html
http://www.redhat.com/support/errata/RHSA-2010-0873.html
http://www.redhat.com/support/errata/RHSA-2010-0935.html
http://www.redhat.com/support/errata/RHSA-2010-0987.html
http://www.redhat.com/support/errata/RHSA-2011-0152.html
http://www.redhat.com/support/errata/RHSA-2011-0880.html
http://secunia.com/advisories/39762
http://secunia.com/advisories/39784
http://secunia.com/advisories/39799
http://secunia.com/advisories/39818
http://secunia.com/advisories/39849
http://secunia.com/advisories/40346
http://secunia.com/advisories/40685
http://secunia.com/advisories/41967
http://secunia.com/advisories/42432
http://secunia.com/advisories/42974
http://secunia.com/advisories/43335
http://secunia.com/advisories/44954
SuSE Security Announcement: SUSE-SR:2010:013
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:014
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:019
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
http://www.ubuntu.com/usn/USN-940-1
http://www.ubuntu.com/usn/USN-940-2
http://www.vupen.com/english/advisories/2010/1177
http://www.vupen.com/english/advisories/2010/1192
http://www.vupen.com/english/advisories/2010/1193
http://www.vupen.com/english/advisories/2010/1196
http://www.vupen.com/english/advisories/2010/1222
http://www.vupen.com/english/advisories/2010/1574
http://www.vupen.com/english/advisories/2010/1882
http://www.vupen.com/english/advisories/2010/3112
http://www.vupen.com/english/advisories/2011/0134
Copyright: Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
