FreeBSD : krb5 -- multiple denial of service vulnerabilities (9ac0f9c4-492b-11df-83fb-0015587e2cc1)

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Two vulnerabilities in krb5 can be used by remote attackers in denial
of service attacks. The MIT security advisories report this as follows:

An unauthenticated remote attacker can send an invalid request to a
KDC process that will cause it to crash due to an assertion failure,
creating a denial of service.

An unauthenticated remote attacker could cause a GSS-API application,
including the Kerberos administration daemon (kadmind), to crash.

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 45571 (freebsd_pkg_9ac0f9c4492b11df83fb0015587e2cc1.nasl)

Bugtraq ID: 38260

CVE ID: CVE-2010-0283
