Fedora Core 1 : krb5-1.3.4-5 (2004-276)

NASLDB: Fedora Core 1 : krb5-1.3.4-5 (2004-276)

General

ID: 14592
Name: Fedora Core 1 : krb5-1.3.4-5 (2004-276)

Summary: Checks rpm output for the updated packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: –

Port: 0
Family: Fedora Local Security Checks
Type: Local

Description

Kerberos is a networked authentication system which uses a trusted
third party (a KDC) to authenticate clients and servers to each other.

Several double-free bugs were found in the Kerberos 5 KDC and
libraries. A remote attacker could potentially exploit these flaws to
execute arbitrary code. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the names CVE-2004-0642 and
CVE-2004-0643 to these issues.

A double-free bug was also found in the krb524 server (CVE-2004-0772),
however this issue does not affect Fedora Core.

An infinite loop bug was found in the Kerberos 5 ASN.1 decoder
library. A remote attacker may be able to trigger this flaw and cause
a denial of service. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2004-0642
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2004/08/31
Plugin Release: 2004/08/31

Plugin

Version: 1.14
Filename: fedora_2004-276.nasl
Filesize: 3671 bytes
MD5 Hash: b89abb6f179fef2c525d765dd1c2f0c8

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list
Dependencies: "ssh_get_info.nasl"

Latest Plugins

Latest Plugins

scip AG