Test ID:	1.3.6.1.4.1.25623.1.0.72078
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2011:184 (krb5)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to krb5 announced via advisory MDVSA-2011:184. A vulnerability has been discovered and corrected in krb5: The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error (CVE-2011-1530). The updated packages have been patched to correct this issue. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2011:184 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-007.txt Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1530 BugTraq ID: 50929 http://www.securityfocus.com/bid/50929 Bugtraq: 20111206 MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530] (Google Search) http://www.securityfocus.com/archive/1/520756/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2011:184 http://www.redhat.com/support/errata/RHSA-2011-1790.html http://securitytracker.com/id?1026374 http://secunia.com/advisories/47124 XForce ISS Database: kerberos-processtgsreq-dos(71655) https://exchange.xforce.ibmcloud.com/vulnerabilities/71655
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.