SUSE-SA:2006:011: heimdal

Medium Nessus Plugin ID 21013


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2006:011 (heimdal).

Heimdal is a Kerberos 5 implementation from the Royal Institut of Techno- logy in Stockholm.
This update fixes two bugs in heimdal. The first one occurs in the rsh daemon and allows an authenticated malicious user to gain ownership of files that belong to other users (CVE-2006-0582).
The second bug affects the telnet server and can be used to crash the server before authentication happens. It is even a denial-of-service attack when the telnetd is started via inetd because inetd stops forking the daemon when it forks too fast (CVE-2006-0677).


Plugin Details

Severity: Medium

ID: 21013

File Name: suse_SA_2006_011.nasl

Version: $Revision: 1.4 $

Agent: unix

Published: 2006/03/06

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list