Detections
Analytics
Scientific Linux Security Update : krb5 on SL4.x, SL5.x i386/x86_64
critical Nessus Plugin ID 61214
Language:
Synopsis
The remote Scientific Linux host is missing one or more security updates.Description
Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third- party, the Key Distribution Center (KDC).A buffer overflow flaw was found in the MIT krb5 telnet daemon (telnetd). A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root.
(CVE-2011-4862)
Note that the krb5 telnet daemon is not enabled by default in any version of Scientific Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.
For users who have installed the krb5-workstation package, have enabled the telnet daemon, and have it accessible remotely, this update should be applied immediately.
All krb5-workstation users should upgrade to these updated packages, which contain a backported patch to correct this issue.
Solution
Update the affected packages.See Also
Plugin Details
Severity: Critical
ID: 61214
File Name: sl_20111227_krb5_on_SL4_x.nasl
Version: 1.10
Type: local
Agent: unix
Published: 8/1/2012
Updated: 1/14/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: x-cpe:/o:fermilab:scientific_linux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/27/2011
Exploitable With
Core Impact
Metasploit (Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow)
ExploitHub (EH-11-760)
Reference Information
CVE: CVE-2011-4862