ID de Prueba:	1.3.6.1.4.1.25623.1.0.123137
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-0794)
Resumen:	The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2015-0794 advisory.
Descripción:	Summary: The remote host is missing an update for the 'krb5' package(s) announced via the ELSA-2015-0794 advisory. Vulnerability Insight: [1.10.3-37] - fix for CVE-2014-5355 (#1193939) 'krb5: unauthenticated denial of service in recvauth_common() and others' [1.10.3-36] - fix for CVE-2014-5353 (#1174543) 'Fix LDAP misused policy name crash' [1.10.3-35] - Changelog fixes to make errata subsystem happy. [1.10.3-34] - fix for CVE-2014-5352 (#1179856) 'gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)' - fix for CVE-2014-9421 (#1179857) 'kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)' - fix for CVE-2014-9422 (#1179861) 'kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)' Affected Software/OS: 'krb5' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-5352 BugTraq ID: 72495 http://www.securityfocus.com/bid/72495 Debian Security Information: DSA-3153 (Google Search) http://www.debian.org/security/2015/dsa-3153 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151437.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151103.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:069 RedHat Security Advisories: RHSA-2015:0439 http://rhn.redhat.com/errata/RHSA-2015-0439.html RedHat Security Advisories: RHSA-2015:0794 http://rhn.redhat.com/errata/RHSA-2015-0794.html SuSE Security Announcement: SUSE-SU-2015:0257 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00011.html SuSE Security Announcement: SUSE-SU-2015:0290 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00016.html SuSE Security Announcement: openSUSE-SU-2015:0255 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00044.html http://www.ubuntu.com/usn/USN-2498-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-5353 BugTraq ID: 71679 http://www.securityfocus.com/bid/71679 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155828.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:009 https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html http://www.securitytracker.com/id/1031376 SuSE Security Announcement: openSUSE-SU-2015:0542 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html Common Vulnerability Exposure (CVE) ID: CVE-2014-5355 BugTraq ID: 74042 http://www.securityfocus.com/bid/74042 http://www.ubuntu.com/usn/USN-2810-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9421 BugTraq ID: 72496 http://www.securityfocus.com/bid/72496 Common Vulnerability Exposure (CVE) ID: CVE-2014-9422 BugTraq ID: 72494 http://www.securityfocus.com/bid/72494
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.