Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2010-0029)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122402

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2010-0029)

Resumen: The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2010-0029 advisory.

Descripción: Summary:
The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2010-0029 advisory.

Vulnerability Insight:
[1.6.1-36.el5_4.1]
- add candidate patch to correct KDC integer overflows which could be
triggered by malformed RC4 and AES ciphertexts (CVE-2009-4212, #546347)

Affected Software/OS:
'krb5' package(s) on Oracle Linux 3, Oracle Linux 4, Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-4212
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 37749
http://www.securityfocus.com/bid/37749
Debian Security Information: DSA-1969 (Google Search)
http://www.debian.org/security/2010/dsa-1969
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
HPdes Security Advisory: HPSBOV02682
http://marc.info/?l=bugtraq&m=130497213107107&w=2
HPdes Security Advisory: SSRT100495
http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
RedHat Security Advisories: RHSA-2010:0029
https://rhn.redhat.com/errata/RHSA-2010-0029.html
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.securitytracker.com/id?1023440
http://secunia.com/advisories/38080
http://secunia.com/advisories/38108
http://secunia.com/advisories/38126
http://secunia.com/advisories/38140
http://secunia.com/advisories/38184
http://secunia.com/advisories/38203
http://secunia.com/advisories/38696
http://secunia.com/advisories/40220
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
http://ubuntu.com/usn/usn-881-1
http://www.vupen.com/english/advisories/2010/0096
http://www.vupen.com/english/advisories/2010/0129
http://www.vupen.com/english/advisories/2010/1481

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122402
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2010-0029)
Resumen:	The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2010-0029 advisory.
Descripción:	Summary: The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2010-0029 advisory. Vulnerability Insight: [1.6.1-36.el5_4.1] - add candidate patch to correct KDC integer overflows which could be triggered by malformed RC4 and AES ciphertexts (CVE-2009-4212, #546347) Affected Software/OS: 'krb5' package(s) on Oracle Linux 3, Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4212 http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html BugTraq ID: 37749 http://www.securityfocus.com/bid/37749 Debian Security Information: DSA-1969 (Google Search) http://www.debian.org/security/2010/dsa-1969 http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html HPdes Security Advisory: HPSBOV02682 http://marc.info/?l=bugtraq&m=130497213107107&w=2 HPdes Security Advisory: SSRT100495 http://www.mandriva.com/security/advisories?name=MDVSA-2010:006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192 RedHat Security Advisories: RHSA-2010:0029 https://rhn.redhat.com/errata/RHSA-2010-0029.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://www.securitytracker.com/id?1023440 http://secunia.com/advisories/38080 http://secunia.com/advisories/38108 http://secunia.com/advisories/38126 http://secunia.com/advisories/38140 http://secunia.com/advisories/38184 http://secunia.com/advisories/38203 http://secunia.com/advisories/38696 http://secunia.com/advisories/40220 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1 http://ubuntu.com/usn/usn-881-1 http://www.vupen.com/english/advisories/2010/0096 http://www.vupen.com/english/advisories/2010/0129 http://www.vupen.com/english/advisories/2010/1481
Copyright	Copyright (C) 2015 Greenbone AG