Debian Local Security Checks : Debian Security Advisory DSA 4455-1 (heimdal

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.704455

Kategorie: Debian Local Security Checks

Titel: Debian Security Advisory DSA 4455-1 (heimdal - security update)

Zusammenfassung: The remote host is missing an update for the 'heimdal'; package(s) announced via the DSA-4455-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'heimdal'
package(s) announced via the DSA-4455-1 advisory.

Vulnerability Insight:
Several vulnerabilities were discovered in Heimdal, an implementation of
Kerberos 5 that aims to be compatible with MIT Kerberos.

CVE-2018-16860

Isaac Boukris and Andrew Bartlett discovered that Heimdal was
susceptible to man-in-the-middle attacks caused by incomplete
checksum validation. Details on the issue can be found in the
referenced Samba advisory.

CVE-2019-12098

It was discovered that failure of verification of the PA-PKINIT-KX key
exchange client-side could permit to perform man-in-the-middle attack.

Affected Software/OS:
'heimdal' package(s) on Debian Linux.

Solution:
For the stable distribution (stretch), these problems have been fixed in
version 7.1.0+dfsg-13+deb9u3.

We recommend that you upgrade your heimdal packages.

CVSS Score:
6.0

CVSS Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-16860
Common Vulnerability Exposure (CVE) ID: CVE-2019-12098

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.704455
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 4455-1 (heimdal - security update)
Zusammenfassung:	The remote host is missing an update for the 'heimdal'; package(s) announced via the DSA-4455-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'heimdal' package(s) announced via the DSA-4455-1 advisory. Vulnerability Insight: Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos. CVE-2018-16860 Isaac Boukris and Andrew Bartlett discovered that Heimdal was susceptible to man-in-the-middle attacks caused by incomplete checksum validation. Details on the issue can be found in the referenced Samba advisory. CVE-2019-12098 It was discovered that failure of verification of the PA-PKINIT-KX key exchange client-side could permit to perform man-in-the-middle attack. Affected Software/OS: 'heimdal' package(s) on Debian Linux. Solution: For the stable distribution (stretch), these problems have been fixed in version 7.1.0+dfsg-13+deb9u3. We recommend that you upgrade your heimdal packages. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16860 Common Vulnerability Exposure (CVE) ID: CVE-2019-12098
Copyright	Copyright (C) 2019 Greenbone Networks GmbH