Debian DSA-2375-1 : krb5, krb5-appl - buffer overflow

critical Nessus Plugin ID 57515

Synopsis

The remote Debian host is missing a security-related update.

Description

It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.

Solution

Upgrade the krb5 and krb5-appl packages.

For the oldstable distribution (lenny), this problem has been fixed in version 1.6.dfsg.4~beta1-5lenny7 of krb5.

For the stable distribution (squeeze), this problem has been fixed in version 1:1.0.1-1.2 of krb5-appl.

See Also

https://packages.debian.org/source/squeeze/krb5-appl

https://www.debian.org/security/2011/dsa-2375

Plugin Details

Severity: Critical

ID: 57515

File Name: debian_DSA-2375.nasl

Version: 1.14

Type: local

Agent: unix

Published: 1/12/2012

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:krb5-appl, cpe:/o:debian:debian_linux:6.0, p-cpe:/a:debian:debian_linux:krb5, cpe:/o:debian:debian_linux:5.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/26/2011

Exploitable With

Core Impact

Metasploit (Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow)

ExploitHub (EH-11-760)

Reference Information

CVE: CVE-2011-4862

DSA: 2375