ID de Prueba:	1.3.6.1.4.1.25623.1.0.57777
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:008 (krb5)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to krb5 announced via advisory MDKSA-2007:008. A vulnerability in the RPC library in Kerberos 1.4.x and 1.5.x as used in the kadmind administration daemon calls an uninitialized function pointer in freed memory, which could allow a remote attacker to cause a Denial of Service and possibly execute arbitrary code via unspecified vectors. Updated packages are patched to address this issue. Affected: 2006.0, 2007.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:008 http://www.cert.org/advisories/481564 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6143 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html BugTraq ID: 21970 http://www.securityfocus.com/bid/21970 Bugtraq: 20070109 MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer (Google Search) http://www.securityfocus.com/archive/1/456406/100/0/threaded Cert/CC Advisory: TA07-009B http://www.us-cert.gov/cas/techalerts/TA07-009B.html Cert/CC Advisory: TA07-109A http://www.us-cert.gov/cas/techalerts/TA07-109A.html CERT/CC vulnerability note: VU#481564 http://www.kb.cert.org/vuls/id/481564 http://fedoranews.org/cms/node/2375 http://fedoranews.org/cms/node/2376 http://security.gentoo.org/glsa/glsa-200701-21.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:008 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html http://osvdb.org/31281 http://securitytracker.com/id?1017493 http://secunia.com/advisories/23667 http://secunia.com/advisories/23696 http://secunia.com/advisories/23701 http://secunia.com/advisories/23706 http://secunia.com/advisories/23707 http://secunia.com/advisories/23772 http://secunia.com/advisories/23903 http://secunia.com/advisories/24966 SuSE Security Announcement: SUSE-SA:2007:004 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html http://www.ubuntu.com/usn/usn-408-1 http://www.vupen.com/english/advisories/2007/0111 http://www.vupen.com/english/advisories/2007/1470 XForce ISS Database: kerberos-rpc-code-execution(31422) https://exchange.xforce.ibmcloud.com/vulnerabilities/31422
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.