 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.870596 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Update for krb5 RHSA-2011:0356-01 |
| Summary: | The remote host is missing an update for the 'krb5'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'krb5' package(s) announced via the referenced advisory. Vulnerability Insight: Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC). The Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) capability provides support for using public-key authentication with Kerberos. A double-free flaw was found in the way the MIT Kerberos KDC handled initial authentication requests (AS-REQ), when the KDC was configured to provide the PKINIT capability. A remote attacker could use this flaw to cause the KDC daemon to abort by using a specially-crafted AS-REQ request. (CVE-2011-0284) All krb5 users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc daemon will be restarted automatically. Affected Software/OS: krb5 on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-0284 BugTraq ID: 46881 http://www.securityfocus.com/bid/46881 Bugtraq: 20110315 MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled (Google Search) http://www.securityfocus.com/archive/1/517029/100/0/threaded CERT/CC vulnerability note: VU#943220 http://www.kb.cert.org/vuls/id/943220 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056579.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056573.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056413.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:048 http://osvdb.org/71183 http://www.redhat.com/support/errata/RHSA-2011-0356.html http://securitytracker.com/id?1025216 http://secunia.com/advisories/43700 http://secunia.com/advisories/43760 http://secunia.com/advisories/43783 http://secunia.com/advisories/43881 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://www.ubuntu.com/usn/USN-1088-1 http://www.vupen.com/english/advisories/2011/0672 http://www.vupen.com/english/advisories/2011/0673 http://www.vupen.com/english/advisories/2011/0680 http://www.vupen.com/english/advisories/2011/0722 http://www.vupen.com/english/advisories/2011/0763 XForce ISS Database: kerberos-perpareerroras-code-execution(66101) https://exchange.xforce.ibmcloud.com/vulnerabilities/66101 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |