FreeBSD : heimdal -- Multiple vulnerabilities (b62c80c2-b81a-11da-bec5-00123ffe8333)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

A Project heimdal Security Advisory reports :

The telnet client program in Heimdal has buffer overflows in the
functions slc_add_reply() and env_opt_add(), which may lead to remote
code execution.

The telnetd server program in Heimdal has buffer overflows in the
function getterminaltype, which may lead to remote code execution.

The rshd server in Heimdal has a privilege escalation bug when storing
forwarded credentials. The code allowes a user to overwrite a file
with its credential cache, and get ownership of the file.

See also :

http://www.pdc.kth.se/heimdal/advisory/2005-04-20
http://www.pdc.kth.se/heimdal/advisory/2005-06-20
http://www.pdc.kth.se/heimdal/advisory/2006-02-06
http://www.nessus.org/u?54527fc3

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21499 (freebsd_pkg_b62c80c2b81a11dabec500123ffe8333.nasl)

Bugtraq ID:

CVE ID: CVE-2005-0469
CVE-2005-2040
CVE-2006-0582
CVE-2006-0677

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now