Test ID:	1.3.6.1.4.1.25623.1.0.69934
Category:	Fedora Local Security Checks
Title:	Fedora Core 15 FEDORA-2011-9080 (krb5-appl)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to krb5-appl announced via advisory FEDORA-2011-9080. Update Information: This update corrects a potential failure to properly set the effective group ID in the GSSAPI-capable FTP server (MITKRB5-SA-2011-005, CVE-2011-1526). References: [ 1 ] Bug #711419 - CVE-2011-1526 krb5, krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005) https://bugzilla.redhat.com/show_bug.cgi?id=711419 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update krb5-appl' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2011-9080 Risk factor : High CVSS Score: 6.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1526 BugTraq ID: 48571 http://www.securityfocus.com/bid/48571 Bugtraq: 20110705 MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526] (Google Search) http://www.securityfocus.com/archive/1/518733/100/0/threaded Debian Security Information: DSA-2283 (Google Search) http://www.debian.org/security/2011/dsa-2283 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:117 http://www.osvdb.org/73617 http://www.redhat.com/support/errata/RHSA-2011-0920.html http://secunia.com/advisories/45145 http://secunia.com/advisories/45157 http://secunia.com/advisories/48101 http://securityreason.com/securityalert/8301 SuSE Security Announcement: SUSE-SU-2012:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html SuSE Security Announcement: SUSE-SU-2012:0018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html SuSE Security Announcement: SUSE-SU-2012:0042 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html SuSE Security Announcement: SUSE-SU-2012:0050 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html SuSE Security Announcement: openSUSE-SU-2011:1169 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html SuSE Security Announcement: openSUSE-SU-2012:0019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html SuSE Security Announcement: openSUSE-SU-2012:0051 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html XForce ISS Database: kerberos-krb5appl-priv-esc(68398) https://exchange.xforce.ibmcloud.com/vulnerabilities/68398
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.