FreeBSD : krb5 -- MITKRB5-SA-2011-003, KDC vulnerable to double-free when PKINIT enabled (7edac52a-66cd-11e0-9398-5d45f3aa24f0)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

An advisory published by the MIT Kerberos team says :

The MIT Kerberos 5 Key Distribution Center (KDC) daemon is vulnerable
to a double-free condition if the Public Key Cryptography for Initial
Authentication (PKINIT) capability is enabled, resulting in daemon
crash or arbitrary code execution (which is believed to be difficult).

An unauthenticated remote attacker can induce a double-free event,
causing the KDC daemon to crash (denial of service), or to execute
arbitrary code. Exploiting a double-free event to execute arbitrary
code is believed to be difficult.

See also :

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt
http://www.nessus.org/u?4e2a34a9

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 53443 ()

Bugtraq ID:

CVE ID: CVE-2011-0284

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now