ID de Prueba:	1.3.6.1.4.1.25623.1.0.58599
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200709-01 (mit-krb5)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200709-01. Two vulnerabilites have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges. Solution: All MIT Kerberos 5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-crypt/mit-krb5-1.5.3-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200709-01 http://bugs.gentoo.org/show_bug.cgi?id=191301 CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3999 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html BugTraq ID: 25534 http://www.securityfocus.com/bid/25534 BugTraq ID: 26444 http://www.securityfocus.com/bid/26444 Bugtraq: 20070906 rPSA-2007-0179-1 krb5 krb5-server krb5-services krb5-test krb5-workstation (Google Search) http://www.securityfocus.com/archive/1/478748/100/0/threaded Bugtraq: 20070912 ZDI-07-052: Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/479251/100/0/threaded Cert/CC Advisory: TA07-319A http://www.us-cert.gov/cas/techalerts/TA07-319A.html CERT/CC vulnerability note: VU#883632 http://www.kb.cert.org/vuls/id/883632 Debian Security Information: DSA-1367 (Google Search) http://www.debian.org/security/2007/dsa-1367 Debian Security Information: DSA-1368 (Google Search) http://www.debian.org/security/2007/dsa-1368 https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00173.html http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml http://security.gentoo.org/glsa/glsa-200710-01.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:174 http://www.mandriva.com/security/advisories?name=MDKSA-2007:181 http://www.zerodayinitiative.com/advisories/ZDI-07-052.html https://bugzilla.redhat.com/show_bug.cgi?id=250973 http://lists.rpath.com/pipermail/security-announce/2007-September/000237.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3162 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9379 http://www.redhat.com/support/errata/RHSA-2007-0858.html http://www.redhat.com/support/errata/RHSA-2007-0913.html http://www.redhat.com/support/errata/RHSA-2007-0951.html http://www.securitytracker.com/id?1018647 http://secunia.com/advisories/26676 http://secunia.com/advisories/26680 http://secunia.com/advisories/26684 http://secunia.com/advisories/26691 http://secunia.com/advisories/26697 http://secunia.com/advisories/26699 http://secunia.com/advisories/26700 http://secunia.com/advisories/26705 http://secunia.com/advisories/26713 http://secunia.com/advisories/26728 http://secunia.com/advisories/26783 http://secunia.com/advisories/26792 http://secunia.com/advisories/26822 http://secunia.com/advisories/26896 http://secunia.com/advisories/26987 http://secunia.com/advisories/27043 http://secunia.com/advisories/27081 http://secunia.com/advisories/27146 http://secunia.com/advisories/27643 http://secunia.com/advisories/27756 http://secunia.com/advisories/29247 http://secunia.com/advisories/29270 http://securityreason.com/securityalert/3092 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201319-1 SuSE Security Announcement: SUSE-SR:2007:019 (Google Search) http://www.novell.com/linux/security/advisories/2007_19_sr.html SuSE Security Announcement: SUSE-SR:2007:024 (Google Search) http://www.novell.com/linux/security/advisories/2007_24_sr.html http://www.trustix.org/errata/2007/0026/ http://www.ubuntu.com/usn/usn-511-1 http://www.vupen.com/english/advisories/2007/3051 http://www.vupen.com/english/advisories/2007/3052 http://www.vupen.com/english/advisories/2007/3060 http://www.vupen.com/english/advisories/2007/3868 http://www.vupen.com/english/advisories/2008/0803/references XForce ISS Database: kerberos-rpcsecgss-bo(36437) https://exchange.xforce.ibmcloud.com/vulnerabilities/36437 Common Vulnerability Exposure (CVE) ID: CVE-2007-4000 BugTraq ID: 25533 http://www.securityfocus.com/bid/25533 Bugtraq: 20070907 FLEA-2007-0050-1 krb5 krb5-workstation (Google Search) http://www.securityfocus.com/archive/1/478794/100/0/threaded CERT/CC vulnerability note: VU#377544 http://www.kb.cert.org/vuls/id/377544 https://bugzilla.redhat.com/show_bug.cgi?id=250976 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278 XForce ISS Database: kerberos-modifypolicy-code-execution(36438) https://exchange.xforce.ibmcloud.com/vulnerabilities/36438
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.