Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310831517
HistoryDec 30, 2011 - 12:00 a.m.

Mandriva Update for krb5-appl MDVSA-2011:195 (krb5-appl)

2011-12-3000:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
14

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0.966

Percentile

99.7%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.mandriva.com/security-announce/2011-12/msg00027.php");
  script_oid("1.3.6.1.4.1.25623.1.0.831517");
  script_version("2023-07-14T16:09:26+0000");
  script_tag(name:"last_modification", value:"2023-07-14 16:09:26 +0000 (Fri, 14 Jul 2023)");
  script_tag(name:"creation_date", value:"2011-12-30 09:13:14 +0530 (Fri, 30 Dec 2011)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name:"MDVSA", value:"2011:195");
  script_cve_id("CVE-2011-4862");
  script_name("Mandriva Update for krb5-appl MDVSA-2011:195 (krb5-appl)");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'krb5-appl'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(mes5|2010\.1)");
  script_tag(name:"affected", value:"krb5-appl on Mandriva Linux 2010.1,
  Mandriva Linux 2010.1/X86_64,
  Mandriva Enterprise Server 5,
  Mandriva Enterprise Server 5/X86_64");
  script_tag(name:"insight", value:"A vulnerability has been discovered and corrected in krb5-appl,
  heimdal and netkit-telnet:

  An unauthenticated remote attacker can cause a buffer overflow and
  probably execute arbitrary code with the privileges of the telnet
  daemon (CVE-2011-4862).

  In Mandriva the telnetd daemon from the netkit-telnet-server package
  does not have an initscript to start and stop the service, however
  one could rather easily craft an initscript or start the service by
  other means rendering the system vulnerable to this issue.

  The updated packages have been patched to correct this issue.");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "MNDK_mes5")
{

  if ((res = isrpmvuln(pkg:"heimdal-daemons", rpm:"heimdal-daemons~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-devel", rpm:"heimdal-devel~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-devel-doc", rpm:"heimdal-devel-doc~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-ftp", rpm:"heimdal-ftp~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-ftpd", rpm:"heimdal-ftpd~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-libs", rpm:"heimdal-libs~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-login", rpm:"heimdal-login~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-rsh", rpm:"heimdal-rsh~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-rshd", rpm:"heimdal-rshd~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-server", rpm:"heimdal-server~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-telnet", rpm:"heimdal-telnet~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-telnetd", rpm:"heimdal-telnetd~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal-workstation", rpm:"heimdal-workstation~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"krb5-appl-clients", rpm:"krb5-appl-clients~1.0~0.4mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"krb5-appl-servers", rpm:"krb5-appl-servers~1.0~0.4mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"netkit-telnet", rpm:"netkit-telnet~0.17~4.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"netkit-telnet-server", rpm:"netkit-telnet-server~0.17~4.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"heimdal", rpm:"heimdal~1.2~4.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"krb5-appl", rpm:"krb5-appl~1.0~0.4mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2010.1")
{

  if ((res = isrpmvuln(pkg:"krb5-appl-clients", rpm:"krb5-appl-clients~1.0~4.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"krb5-appl-servers", rpm:"krb5-appl-servers~1.0~4.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"krb5-appl", rpm:"krb5-appl~1.0~4.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

nessus 31
veracode 1
openvas 39
prion 1
seebug 1
saint 4
packetstorm 5
zdt 3
checkpoint_advisories 1
centos 2
securityvulns 5
fedora 2
suse 8
oraclelinux 3
cvelist 1
cisco 1
redhat 4
debian 3
metasploit 3
freebsd 1
debiancve 1
freebsd_advisory 1
exploitdb 3
ubuntucve 1
gentoo 2
cve 1
nvd 1
vmware 2
nessus
nessus
openSUSE Security Update : krb5-appl (openSUSE-2012-17)
2014-06-13 00:00:00
RHEL 6 : krb5-appl (RHSA-2011:1852)
2011-12-28 00:00:00
Fedora 15 : krb5-appl-1.0.1-8.fc15 (2011-17492)
2012-01-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:05:32
openvas
openvas
RedHat Update for krb5 RHSA-2011:1851-01
2011-12-30 00:00:00
RedHat Update for krb5-appl RHSA-2011:1852-02
2012-07-09 00:00:00
CentOS Update for krb5-appl-clients CESA-2011:1852 centos6
2012-07-30 00:00:00
prion
prion
Buffer overflow
2011-12-25 01:55:00
seebug
seebug
FreeBSD 'telnetd'守护进程远程缓冲区溢出漏洞
2011-12-26 00:00:00
saint
saint
Telnetd Encryption Key ID Code Execution
2012-02-11 00:00:00
Telnetd Encryption Key ID Code Execution
2012-02-11 00:00:00
Telnetd Encryption Key ID Code Execution
2012-02-11 00:00:00
packetstorm
packetstorm
FreeBSD telnetd Remote Root
2012-01-16 00:00:00
FreeBSD based telnetd encrypt_key_id brute force
2012-01-11 00:00:00
Telnet Service Encryption Key ID Overflow Detection
2024-08-31 00:00:00
zdt
zdt
FreeBSD Telnet Service Encryption Key ID Buffer Overflow
2012-01-14 00:00:00
Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
2012-01-14 00:00:00
Cisco Ironport WSA telnetd Remote Code Execution Vulnerability
2014-10-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Vendors BSD telnetd Encryption Key Buffer Overflow (CVE-2011-4862)
2012-05-14 00:00:00
centos
centos
krb5 security update
2011-12-27 21:11:42
krb5 security update
2011-12-27 20:44:52
securityvulns
securityvulns
Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability
2012-01-30 00:00:00
MIT / FreeBSD / Cisco telnetd buffer overflow
2012-01-30 00:00:00
FreeBSD Security Advisory FreeBSD-SA-11:08.telnetd
2012-01-02 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: krb5-appl-1.0.2-2.fc16
2012-01-05 21:03:02
[SECURITY] Fedora 15 Update: krb5-appl-1.0.1-8.fc15
2012-01-05 20:57:26
suse
suse
Security update for heimdal (important)
2012-01-05 12:36:30
Security update for heimdal (important)
2012-01-05 12:08:59
Security update for Kerberos 5 (important)
2012-01-05 12:36:16
oraclelinux
oraclelinux
krb5 security update
2011-12-27 00:00:00
krb5-appl security update
2011-12-27 00:00:00
krb5 security and bug fix update
2012-03-01 00:00:00
cvelist
cvelist
CVE-2011-4862
2011-12-25 01:00:00
cisco
cisco
Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability
2012-01-26 17:00:00
redhat
redhat
(RHSA-2011:1854) Critical: krb5-appl security update
2011-12-28 00:00:00
(RHSA-2011:1852) Critical: krb5-appl security update
2011-12-27 00:00:00
(RHSA-2011:1851) Critical: krb5 security update
2011-12-27 00:00:00
debian
debian
[SECURITY] [DSA 2372-1] heimdal security update
2011-12-25 17:14:18
[SECURITY] [DSA 2373-1] inetutils security update
2011-12-25 17:15:34
[SECURITY] [DSA 2375-1] krb5. krb5-appl security update
2011-12-26 13:18:10
metasploit
metasploit
FreeBSD Telnet Service Encryption Key ID Buffer Overflow
2011-12-28 05:37:30
Telnet Service Encryption Key ID Overflow Detection
2011-12-27 23:50:06
Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
2011-12-28 06:00:10
freebsd
freebsd
krb5-appl -- telnetd code execution vulnerability
2011-12-23 00:00:00
debiancve
debiancve
CVE-2011-4862
2011-12-25 01:55:02
freebsd_advisory
freebsd_advisory
FreeBSD-SA-11:08.telnetd
2011-12-23 00:00:00
exploitdb
exploitdb
FreeBSD - Telnet Service Encryption Key ID Buffer Overflow (Metasploit)
2012-01-14 00:00:00
TelnetD encrypt_keyid - Function Pointer Overwrite
2011-12-26 00:00:00
Linux BSD-derived Telnet Service Encryption Key ID - Remote Buffer Overflow (Metasploit)
2012-01-14 00:00:00
ubuntucve
ubuntucve
CVE-2011-4862
2011-12-25 00:00:00
gentoo
gentoo
Heimdal: Arbitrary code execution
2012-02-22 00:00:00
MIT Kerberos 5 Applications: Multiple vulnerabilities
2012-01-23 00:00:00
cve
cve
CVE-2011-4862
2011-12-25 01:55:02
nvd
nvd
CVE-2011-4862
2011-12-25 01:55:02
vmware
vmware
VMware ESXi and ESX address several security issues
2012-03-29 00:00:00
VMware ESXi and ESX address several security issues
2012-03-29 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0.966

Percentile

99.7%

JSON
Related for OPENVAS:1361412562310831517
nessus31veracode1openvas39prion1seebug1saint4packetstorm5zdt3checkpoint_advisories1centos2securityvulns5fedora2suse8oraclelinux3cvelist1cisco1redhat4debian3metasploit3freebsd1debiancve1freebsd_advisory1exploitdb3ubuntucve1gentoo2cve1nvd1vmware2