Test ID: | 1.3.6.1.4.1.25623.1.0.880571 |
Category: | CentOS Local Security Checks |
Title: | CentOS Update for krb5-devel CESA-2010:0029 centos5 i386 |
Summary: | The remote host is missing an update for the 'krb5-devel' package(s) announced via the referenced advisory. |
Description: | Summary: The remote host is missing an update for the 'krb5-devel' package(s) announced via the referenced advisory.

Vulnerability Insight: Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center (KDC).

Multiple integer underflow flaws, leading to heap-based corruption, were found in the way the MIT Kerberos Key Distribution Center (KDC) decrypted ciphertexts encrypted with the Advanced Encryption Standard (AES) and ARCFOUR (RC4) encryption algorithms. If a remote KDC client were able to provide a specially-crafted AES- or RC4-encrypted ciphertext or texts, it could potentially lead to either a denial of service of the central KDC (KDC crash or abort upon processing the crafted ciphertext), or arbitrary code execution with the privileges of the KDC (i.e., root privileges). (CVE-2009-4212)

All krb5 users should upgrade to these updated packages, which contain a backported patch to correct these issues. All running services using the MIT Kerberos libraries must be restarted for the update to take effect.

Affected Software/OS: krb5-devel on CentOS 5

Solution: Please install the updated packages.

CVSS Score: 10.0
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-4212
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 37749
http://www.securityfocus.com/bid/37749
Debian Security Information: DSA-1969
http://www.debian.org/security/2010/dsa-1969
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
HPdes Security Advisory: HPSBOV02682
http://marc.info/?l=bugtraq&m=130497213107107&w=2
HPdes Security Advisory: SSRT100495
http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
RedHat Security Advisories: RHSA-2010:0029
https://rhn.redhat.com/errata/RHSA-2010-0029.html
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.securitytracker.com/id?1023440
http://secunia.com/advisories/38080
http://secunia.com/advisories/38108
http://secunia.com/advisories/38126
http://secunia.com/advisories/38140
http://secunia.com/advisories/38184
http://secunia.com/advisories/38203
http://secunia.com/advisories/38696
http://secunia.com/advisories/40220
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
http://ubuntu.com/usn/usn-881-1
http://www.vupen.com/english/advisories/2010/0096
http://www.vupen.com/english/advisories/2010/0129
http://www.vupen.com/english/advisories/2010/1481 |
Copyright | Copyright (c) 2011 Greenbone Networks GmbH |