English | Deutsch | Español | Português
 UserID:
 Passwd:
 new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   		     Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70691
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2373-1 (inetutils)
Summary:Debian Security Advisory DSA 2373-1 (inetutils)
Description:The remote host is missing an update to inetutils
announced via advisory DSA 2373-1.

It was discovered that the Kerberos support for telnetd contains a
pre-authentication buffer overflow, which may enable remote attackers
who can connect to the Telnet to execute arbitrary code with root
privileges.

For the oldstable distribution (lenny), this problem has been fixed in
version 2:1.5.dfsg.1-9+lenny1.

For the stable distribution (squeeze), this problem has been fixed in
version 2:1.6-3.1+squeeze1.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your inetutils packages.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%202373-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-4862
Bugtraq: 20111226 MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862] (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2011-12/0172.html
http://www.exploit-db.com/exploits/18280/
http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006117.html
http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006118.html
http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006119.html
http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006120.html
Debian Security Information: DSA-2372 (Google Search)
http://www.debian.org/security/2011/dsa-2372
Debian Security Information: DSA-2373 (Google Search)
http://www.debian.org/security/2011/dsa-2373
Debian Security Information: DSA-2375 (Google Search)
http://www.debian.org/security/2011/dsa-2375
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071627.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071640.html
FreeBSD Security Advisory: FreeBSD-SA-11:08
http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc
http://www.mandriva.com/security/advisories?name=MDVSA-2011:195
http://www.redhat.com/support/errata/RHSA-2011-1851.html
http://www.redhat.com/support/errata/RHSA-2011-1852.html
http://www.redhat.com/support/errata/RHSA-2011-1854.html
http://www.redhat.com/support/errata/RHSA-2011-1853.html
SuSE Security Announcement: SUSE-SU-2012:0010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html
SuSE Security Announcement: SUSE-SU-2012:0018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html
SuSE Security Announcement: SUSE-SU-2012:0042 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html
SuSE Security Announcement: SUSE-SU-2012:0050 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html
SuSE Security Announcement: openSUSE-SU-2012:0019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html
SuSE Security Announcement: openSUSE-SU-2012:0051 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html
SuSE Security Announcement: SUSE-SU-2012:0024 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00007.html
SuSE Security Announcement: SUSE-SU-2012:0056 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00015.html
http://osvdb.org/78020
http://www.securitytracker.com/id?1026460
http://www.securitytracker.com/id?1026463
http://secunia.com/advisories/47341
http://secunia.com/advisories/47348
http://secunia.com/advisories/47357
http://secunia.com/advisories/47359
http://secunia.com/advisories/47373
http://secunia.com/advisories/47374
http://secunia.com/advisories/47397
http://secunia.com/advisories/47399
http://secunia.com/advisories/47441
http://secunia.com/advisories/46239
XForce ISS Database: multiple-telnetd-bo(71970)
http://xforce.iss.net/xforce/xfdb/71970
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  
 Forgot userid or passwd?
Email/Userid:



Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2013 E-Soft Inc. All rights reserved.