ID de Prueba:	1.3.6.1.4.1.25623.1.1.2.2018.1354
Categoría:	Huawei EulerOS Local Security Checks
Título:	Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2018-1354)
Resumen:	The remote host is missing an update for the Huawei EulerOS 'krb5' package(s) announced via the EulerOS-SA-2018-1354 advisory.
Descripción:	Summary: The remote host is missing an update for the Huawei EulerOS 'krb5' package(s) announced via the EulerOS-SA-2018-1354 advisory. Vulnerability Insight: A denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion failure by making an invalid S4U2Self or S4U2Proxy request.(CVE-2017-11368) An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.(CVE-2017-7562) Affected Software/OS: 'krb5' package(s) on Huawei EulerOS V2.0SP2. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7562 BugTraq ID: 100511 http://www.securityfocus.com/bid/100511 RedHat Security Advisories: RHSA-2018:0666 https://access.redhat.com/errata/RHSA-2018:0666
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.