Turbolinux Local Security Tests : Turbolinux TLSA-2005-78 (krb5)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54337

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2005-78 (krb5)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to krb5
announced via advisory TLSA-2005-78.

Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the use of
insecure cleartext passwords.

The multiple vulnerabilities exist in krb5.

These vulerabilities allow remote attackers to cause a denial of service or execute arbitrary code.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-78

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1174
AIX APAR: IY85474
http://www-1.ibm.com/support/docview.wss?uid=swg1IY85474
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
BugTraq ID: 14240
http://www.securityfocus.com/bid/14240
Bugtraq: 20050712 MITKRB5-SA-2005-002: buffer overflow, heap corruption in KDC (Google Search)
http://marc.info/?l=bugtraq&m=112122123211974&w=2
CERT/CC vulnerability note: VU#259798
http://www.kb.cert.org/vuls/id/259798
Debian Security Information: DSA-757 (Google Search)
http://www.debian.org/security/2005/dsa-757
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A397
http://www.redhat.com/support/errata/RHSA-2005-567.html
http://securitytracker.com/id?1014460
http://secunia.com/advisories/16041
http://secunia.com/advisories/17899
http://secunia.com/advisories/20364
SGI Security Advisory: 20050703-01-U
ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101809-1
SuSE Security Announcement: SUSE-SR:2005:017 (Google Search)
http://www.novell.com/linux/security/advisories/2005_17_sr.html
http://www.trustix.org/errata/2005/0036
TurboLinux Advisory: TLSA-2005-78
http://www.turbolinux.com/security/2005/TLSA-2005-78.txt
https://usn.ubuntu.com/224-1/
http://www.vupen.com/english/advisories/2005/1066
http://www.vupen.com/english/advisories/2006/2074
XForce ISS Database: kerberos-kdc-krb5-tcp-connection-dos(21327)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21327
Common Vulnerability Exposure (CVE) ID: CVE-2005-1175
BugTraq ID: 14236
http://www.securityfocus.com/bid/14236
CERT/CC vulnerability note: VU#885830
http://www.kb.cert.org/vuls/id/885830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9902
http://www.redhat.com/support/errata/RHSA-2005-562.html
http://secunia.com/advisories/17135
XForce ISS Database: kerberos-kdc-krb5-udp-tcp-bo(21328)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21328
Common Vulnerability Exposure (CVE) ID: CVE-2005-1689
BugTraq ID: 14239
http://www.securityfocus.com/bid/14239
Bugtraq: 20050712 MITKRB5-SA-2005-003: double-free in krb5_recvauth (Google Search)
http://marc.info/?l=bugtraq&m=112119974704542&w=2
CERT/CC vulnerability note: VU#623332
http://www.kb.cert.org/vuls/id/623332
Conectiva Linux advisory: CLA-2005:993
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993
http://www.gentoo.org/security/en/glsa/glsa-200507-11.xml
HPdes Security Advisory: HPSBUX02152
http://www.securityfocus.com/archive/1/446940/100/0/threaded
HPdes Security Advisory: SSRT5973
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9819
http://securitytracker.com/id?1014461
http://secunia.com/advisories/22090
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101810-1
http://www.vupen.com/english/advisories/2006/3776
XForce ISS Database: kerberos-kdc-krb5recvauth-execute-code(21055)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21055

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54337
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2005-78 (krb5)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to krb5 announced via advisory TLSA-2005-78. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the use of insecure cleartext passwords. The multiple vulnerabilities exist in krb5. These vulerabilities allow remote attackers to cause a denial of service or execute arbitrary code. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-78 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1174 AIX APAR: IY85474 http://www-1.ibm.com/support/docview.wss?uid=swg1IY85474 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html BugTraq ID: 14240 http://www.securityfocus.com/bid/14240 Bugtraq: 20050712 MITKRB5-SA-2005-002: buffer overflow, heap corruption in KDC (Google Search) http://marc.info/?l=bugtraq&m=112122123211974&w=2 CERT/CC vulnerability note: VU#259798 http://www.kb.cert.org/vuls/id/259798 Debian Security Information: DSA-757 (Google Search) http://www.debian.org/security/2005/dsa-757 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10229 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A397 http://www.redhat.com/support/errata/RHSA-2005-567.html http://securitytracker.com/id?1014460 http://secunia.com/advisories/16041 http://secunia.com/advisories/17899 http://secunia.com/advisories/20364 SGI Security Advisory: 20050703-01-U ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-101809-1 SuSE Security Announcement: SUSE-SR:2005:017 (Google Search) http://www.novell.com/linux/security/advisories/2005_17_sr.html http://www.trustix.org/errata/2005/0036 TurboLinux Advisory: TLSA-2005-78 http://www.turbolinux.com/security/2005/TLSA-2005-78.txt https://usn.ubuntu.com/224-1/ http://www.vupen.com/english/advisories/2005/1066 http://www.vupen.com/english/advisories/2006/2074 XForce ISS Database: kerberos-kdc-krb5-tcp-connection-dos(21327) https://exchange.xforce.ibmcloud.com/vulnerabilities/21327 Common Vulnerability Exposure (CVE) ID: CVE-2005-1175 BugTraq ID: 14236 http://www.securityfocus.com/bid/14236 CERT/CC vulnerability note: VU#885830 http://www.kb.cert.org/vuls/id/885830 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A736 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9902 http://www.redhat.com/support/errata/RHSA-2005-562.html http://secunia.com/advisories/17135 XForce ISS Database: kerberos-kdc-krb5-udp-tcp-bo(21328) https://exchange.xforce.ibmcloud.com/vulnerabilities/21328 Common Vulnerability Exposure (CVE) ID: CVE-2005-1689 BugTraq ID: 14239 http://www.securityfocus.com/bid/14239 Bugtraq: 20050712 MITKRB5-SA-2005-003: double-free in krb5_recvauth (Google Search) http://marc.info/?l=bugtraq&m=112119974704542&w=2 CERT/CC vulnerability note: VU#623332 http://www.kb.cert.org/vuls/id/623332 Conectiva Linux advisory: CLA-2005:993 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993 http://www.gentoo.org/security/en/glsa/glsa-200507-11.xml HPdes Security Advisory: HPSBUX02152 http://www.securityfocus.com/archive/1/446940/100/0/threaded HPdes Security Advisory: SSRT5973 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9819 http://securitytracker.com/id?1014461 http://secunia.com/advisories/22090 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101810-1 http://www.vupen.com/english/advisories/2006/3776 XForce ISS Database: kerberos-kdc-krb5recvauth-execute-code(21055) https://exchange.xforce.ibmcloud.com/vulnerabilities/21055
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com