
Test ID:
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2012:0042-1)
Summary: The remote host is missing an update for the 'krb5' package(s) announced via the SUSE-SU-2012:0042-1 advisory.

Vulnerability Insight:
This update of krb5 fixes several security issues.

* CVE-2011-4862: A remote code execution in the kerberized telnet daemon was fixed. (This only affects the ktelnetd from the krb5-appl RPM, not the regular telnetd supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd unauthorized file access problems.
* CVE-2010-1323 / MITKRB5-SA-2010-007: Fixed multiple checksum handling vulnerabilities, where:
  o krb5 clients might have accepted unkeyed SAM-2 challenge checksums
  o krb5 might have accepted KRB-SAFE checksums with low-entropy derived keys
* CVE-2010-1321, MITKRB5-SA-2010-005: Fixed GSS-API library null pointer dereference

Security Issue reference:

* CVE-2011-4862

Affected Software/OS:
'krb5' package(s) on SUSE Linux Enterprise Server 10 SP2

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2010-1321
BugTraq ID: 40235
Bugtraq: 20100518 MITKRB5-SA-2010-005 [CVE-2010-1321] GSS-API lib null pointer deref
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Cert/CC Advisory: TA10-287A
Cert/CC Advisory: TA11-201A
Debian Security Information: DSA-2052
HPdes Security Advisory: HPSBMU02799
HPdes Security Advisory: HPSBUX02544
HPdes Security Advisory: SSRT100107
SuSE Security Announcement: SUSE-SR:2010:013
SuSE Security Announcement: SUSE-SR:2010:014
SuSE Security Announcement: SUSE-SR:2010:019
SuSE Security Announcement: SUSE-SU-2012:0010
SuSE Security Announcement: SUSE-SU-2012:0042
Common Vulnerability Exposure (CVE) ID: CVE-2010-1323
BugTraq ID: 45118
Bugtraq: 20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]
Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
Debian Security Information: DSA-2129
HPdes Security Advisory: HPSBOV02682
HPdes Security Advisory: HPSBUX02623
HPdes Security Advisory: SSRT100355
HPdes Security Advisory: SSRT100495
SuSE Security Announcement: SUSE-SR:2010:023
SuSE Security Announcement: SUSE-SR:2010:024
Common Vulnerability Exposure (CVE) ID: CVE-2011-1526
BugTraq ID: 48571
Bugtraq: 20110705 MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]
Debian Security Information: DSA-2283
SuSE Security Announcement: SUSE-SU-2012:0018
SuSE Security Announcement: SUSE-SU-2012:0050
SuSE Security Announcement: openSUSE-SU-2011:1169
SuSE Security Announcement: openSUSE-SU-2012:0019
SuSE Security Announcement: openSUSE-SU-2012:0051
XForce ISS Database: kerberos-krb5appl-priv-esc(68398)
Common Vulnerability Exposure (CVE) ID: CVE-2011-4862
Bugtraq: 20111226 MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862]
Debian Security Information: DSA-2372
Debian Security Information: DSA-2373
Debian Security Information: DSA-2375
FreeBSD Security Advisory: FreeBSD-SA-11:08
SuSE Security Announcement: SUSE-SU-2012:0024
SuSE Security Announcement: SUSE-SU-2012:0056
XForce ISS Database: multiple-telnetd-bo(71970)
Copyright: Copyright (C) 2021 Greenbone Networks GmbH


© 1998-2021 E-Soft Inc. All rights reserved.