|
Family: Debian Local Security Checks --> Category: infos
[DSA977] DSA-977-1 heimdal Vulnerability Scan
Vulnerability Scan Summary DSA-977-1 heimdal
Detailed Explanation for this Vulnerability Test
Two vulnerabilities have been discovered in heimdal, a free
implementation of Kerberos 5. The Common Vulnerabilities and
Exposures project identifies the following vulnerabilities:
Privilege escalation in the rsh server allows an authenticated
attacker to overwrite arbitrary files and gain ownership of them.
A remote attacker could force the telnet server to crash before
the user logged in, resulting in inetd turning telnetd off because
it forked too fast.
The old stable distribution (woody) does not expose rsh and telnet servers.
For the stable distribution (sarge) these problems have been fixed in
version 0.6.3-10sarge2.
For the unstable distribution (sid) these problems will be fixed soon.
We recommend that you upgrade your heimdal packages.
Solution : http://www.debian.org/security/2006/dsa-977
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|