This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Two vulnerabilities in krb5 can be used by remote attackers in denial
of service attacks. The MIT security advisories report this as follows
An unauthenticated remote attacker can send an invalid request to a
KDC process that will cause it to crash due to an assertion failure,
creating a denial of service.
An unauthenticated remote attacker could cause a GSS-API application,
including the Kerberos administration daemon (kadmind) to crash.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 45571 (freebsd_pkg_9ac0f9c4492b11df83fb0015587e2cc1.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now