Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-0200)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.122250
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2011-0200)
Zusammenfassung:	The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2011-0200 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2011-0200 advisory. Vulnerability Insight: [1.8.2-3.4] - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, #671101) [1.8.2-3.3] - pull up crypto changes made between 1.8.2 and 1.8.3 to fix upstream #6751, assumed to already be there for the next fix - incorporate candidate patch to fix various issues from MITKRB5-SA-2010-007 (CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, #651962) [1.8.2-3.2] - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #644825, RT#6775) - fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #644825, RT#6774) [1.8.2-3.1] - incorporate candidate patch to fix uninitialized pointer crash in the KDC (CVE-2010-1322, #636336) Affected Software/OS: 'krb5' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1322 BugTraq ID: 43756 http://www.securityfocus.com/bid/43756 Bugtraq: 20101005 MITKRB5-SA-2010-006 [CVE-2010-1322] KDC uninitialized pointer crash in authorization data handling (Google Search) http://www.securityfocus.com/archive/1/514144/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2010:202 http://www.redhat.com/support/errata/RHSA-2010-0863.html SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://www.ubuntu.com/usn/USN-999-1 http://www.vupen.com/english/advisories/2010/2865 Common Vulnerability Exposure (CVE) ID: CVE-2010-1323 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html BugTraq ID: 45118 http://www.securityfocus.com/bid/45118 Bugtraq: 20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021] (Google Search) http://www.securityfocus.com/archive/1/514953/100/0/threaded Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console (Google Search) http://www.securityfocus.com/archive/1/517739/100/0/threaded Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://www.securityfocus.com/archive/1/520102/100/0/threaded Debian Security Information: DSA-2129 (Google Search) http://www.debian.org/security/2010/dsa-2129 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html HPdes Security Advisory: HPSBOV02682 http://marc.info/?l=bugtraq&m=130497213107107&w=2 HPdes Security Advisory: HPSBUX02623 http://marc.info/?l=bugtraq&m=129562442714657&w=2 HPdes Security Advisory: SSRT100355 HPdes Security Advisory: SSRT100495 http://www.mandriva.com/security/advisories?name=MDVSA-2010:245 http://www.mandriva.com/security/advisories?name=MDVSA-2010:246 http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://osvdb.org/69610 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121 http://www.redhat.com/support/errata/RHSA-2010-0925.html http://www.redhat.com/support/errata/RHSA-2010-0926.html http://www.securitytracker.com/id?1024803 http://secunia.com/advisories/42399 http://secunia.com/advisories/42420 http://secunia.com/advisories/42436 http://secunia.com/advisories/43015 http://secunia.com/advisories/46397 SuSE Security Announcement: SUSE-SR:2010:023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html SuSE Security Announcement: SUSE-SR:2010:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html SuSE Security Announcement: SUSE-SU-2012:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html SuSE Security Announcement: SUSE-SU-2012:0042 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html http://www.ubuntu.com/usn/USN-1030-1 http://www.vupen.com/english/advisories/2010/3094 http://www.vupen.com/english/advisories/2010/3095 http://www.vupen.com/english/advisories/2010/3101 http://www.vupen.com/english/advisories/2010/3118 http://www.vupen.com/english/advisories/2011/0187 Common Vulnerability Exposure (CVE) ID: CVE-2010-1324 BugTraq ID: 45116 http://www.securityfocus.com/bid/45116 http://osvdb.org/69609 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936 Common Vulnerability Exposure (CVE) ID: CVE-2010-4020 BugTraq ID: 45117 http://www.securityfocus.com/bid/45117 http://osvdb.org/69608 Common Vulnerability Exposure (CVE) ID: CVE-2010-4022 BugTraq ID: 46269 http://www.securityfocus.com/bid/46269 Bugtraq: 20110208 MITKRB5-SA-2011-001 kpropd denial of service [CVE-2010-4022] (Google Search) http://www.securityfocus.com/archive/1/516286/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2011:025 http://www.redhat.com/support/errata/RHSA-2011-0200.html http://www.securitytracker.com/id?1025035 http://secunia.com/advisories/43260 http://secunia.com/advisories/43275 http://securityreason.com/securityalert/8070 SuSE Security Announcement: SUSE-SR:2011:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html http://www.vupen.com/english/advisories/2011/0329 http://www.vupen.com/english/advisories/2011/0333 http://www.vupen.com/english/advisories/2011/0347 http://www.vupen.com/english/advisories/2011/0464 Common Vulnerability Exposure (CVE) ID: CVE-2011-0281 BugTraq ID: 46265 http://www.securityfocus.com/bid/46265 Bugtraq: 20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283] (Google Search) http://www.securityfocus.com/archive/1/516299/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2011:024 http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html http://www.redhat.com/support/errata/RHSA-2011-0199.html http://www.securitytracker.com/id?1025037 http://secunia.com/advisories/43273 http://securityreason.com/securityalert/8073 http://www.vupen.com/english/advisories/2011/0330 XForce ISS Database: kerberos-ldap-descriptor-dos(65324) https://exchange.xforce.ibmcloud.com/vulnerabilities/65324 Common Vulnerability Exposure (CVE) ID: CVE-2011-0282 BugTraq ID: 46271 http://www.securityfocus.com/bid/46271 XForce ISS Database: kerberos-ldap-dos(65323) https://exchange.xforce.ibmcloud.com/vulnerabilities/65323
Copyright	Copyright (C) 2015 Greenbone AG