SUSE-SA:2006:011: heimdal

medium Nessus Plugin ID 21013

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2006:011 (heimdal).


Heimdal is a Kerberos 5 implementation from the Royal Institut of Techno- logy in Stockholm.
This update fixes two bugs in heimdal. The first one occurs in the rsh daemon and allows an authenticated malicious user to gain ownership of files that belong to other users (CVE-2006-0582).
The second bug affects the telnet server and can be used to crash the server before authentication happens. It is even a denial-of-service attack when the telnetd is started via inetd because inetd stops forking the daemon when it forks too fast (CVE-2006-0677).

Solution

http://www.suse.de/security/advisories/2006_11_heimdal.html

Plugin Details

Severity: Medium

ID: 21013

File Name: suse_SA_2006_011.nasl

Version: 1.7

Agent: unix

Published: 3/6/2006

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list