openSUSE 10 Security Update : krb5-apps-clients (krb5-apps-clients-1937)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Various return checks of setuid() and seteuid() calls have been fixed
in kerberos client and server applications.

If these applications are setuid, it might have been possible for
local attackers to gain root access (CVE-2006-3083).

We are not affected by the seteuid() problems, tracked by
CVE-2006-3084.

Solution :

Update the affected krb5-apps-clients packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 27312 ()

Bugtraq ID:

CVE ID: CVE-2006-3083
CVE-2006-3084

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now