{"id": "ALAS-2013-208", "bulletinFamily": "unix", "title": "Medium: krb5", "description": "**Issue Overview:**\n\nIt was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the services to keep replying packets to each other, consuming network bandwidth and CPU. ([CVE-2002-2443 __](<https://access.redhat.com/security/cve/CVE-2002-2443>))\n\n \n**Affected Packages:** \n\n\nkrb5\n\n \n**Issue Correction:** \nRun _yum update krb5_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n krb5-workstation-1.10.3-10.26.amzn1.i686 \n krb5-devel-1.10.3-10.26.amzn1.i686 \n krb5-server-1.10.3-10.26.amzn1.i686 \n krb5-pkinit-openssl-1.10.3-10.26.amzn1.i686 \n krb5-libs-1.10.3-10.26.amzn1.i686 \n krb5-debuginfo-1.10.3-10.26.amzn1.i686 \n krb5-server-ldap-1.10.3-10.26.amzn1.i686 \n \n src: \n krb5-1.10.3-10.26.amzn1.src \n \n x86_64: \n krb5-server-ldap-1.10.3-10.26.amzn1.x86_64 \n krb5-workstation-1.10.3-10.26.amzn1.x86_64 \n krb5-server-1.10.3-10.26.amzn1.x86_64 \n krb5-libs-1.10.3-10.26.amzn1.x86_64 \n krb5-pkinit-openssl-1.10.3-10.26.amzn1.x86_64 \n krb5-debuginfo-1.10.3-10.26.amzn1.x86_64 \n krb5-devel-1.10.3-10.26.amzn1.x86_64 \n \n \n", "published": "2014-09-15T23:15:00", "modified": "2014-09-15T23:15:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://alas.aws.amazon.com/ALAS-2013-208.html", "reporter": "Amazon", "references": ["https://rhn.redhat.com/errata/RHSA-2013-0942.html"], "cvelist": ["CVE-2002-2443"], "type": "amazon", "lastseen": "2019-05-29T17:22:40", "history": [{"bulletin": {"affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-libs-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-libs", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-pkinit-openssl-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-pkinit-openssl", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-pkinit-openssl-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-pkinit-openssl", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-debuginfo-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-debuginfo", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-server-ldap-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-server-ldap", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-server-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-server", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "src", "operator": "lt", "packageFilename": "krb5-1.10.3-10.26.amzn1.src.rpm", "packageName": "krb5", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-server-ldap-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-server-ldap", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-devel-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-devel", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-server-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-server", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-workstation-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-workstation", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-debuginfo-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-debuginfo", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-devel-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-devel", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-workstation-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-workstation", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-libs-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-libs", "packageVersion": "1.10.3-10.26.amzn1"}], "bulletinFamily": "unix", "cvelist": ["CVE-2002-2443"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "**Issue Overview:**\n\nIt was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the services to keep replying packets to each other, consuming network bandwidth and CPU. ([CVE-2002-2443 __](<https://access.redhat.com/security/cve/CVE-2002-2443>))\n\n \n**Affected Packages:** \n\n\nkrb5\n\n \n**Issue Correction:** \nRun _yum update krb5_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n krb5-workstation-1.10.3-10.26.amzn1.i686 \n krb5-devel-1.10.3-10.26.amzn1.i686 \n krb5-server-1.10.3-10.26.amzn1.i686 \n krb5-pkinit-openssl-1.10.3-10.26.amzn1.i686 \n krb5-libs-1.10.3-10.26.amzn1.i686 \n krb5-debuginfo-1.10.3-10.26.amzn1.i686 \n krb5-server-ldap-1.10.3-10.26.amzn1.i686 \n \n src: \n krb5-1.10.3-10.26.amzn1.src \n \n x86_64: \n krb5-server-ldap-1.10.3-10.26.amzn1.x86_64 \n krb5-workstation-1.10.3-10.26.amzn1.x86_64 \n krb5-server-1.10.3-10.26.amzn1.x86_64 \n krb5-libs-1.10.3-10.26.amzn1.x86_64 \n krb5-pkinit-openssl-1.10.3-10.26.amzn1.x86_64 \n krb5-debuginfo-1.10.3-10.26.amzn1.x86_64 \n krb5-devel-1.10.3-10.26.amzn1.x86_64 \n \n \n", "edition": 1, "enchantments": {"dependencies": {"modified": "2018-10-02T16:55:23", "references": [{"idList": ["CESA-2013:0942"], "type": "centos"}, {"idList": ["CVE-2002-2443"], "type": "cve"}, {"idList": ["USN-2810-1"], "type": "ubuntu"}, {"idList": ["FEDORA_2013-8219.NASL", "ALA_ALAS-2013-208.NASL", "ORACLELINUX_ELSA-2013-0942.NASL", "OPENSUSE-2013-546.NASL", "SUSE_KRB5-8631.NASL", "DEBIAN_DSA-2701.NASL", "REDHAT-RHSA-2013-0942.NASL", "FREEBSD_PKG_E3F64457CCCD11E2AF76206A8A720317.NASL", "SL_20130612_KRB5_ON_SL5_X.NASL", "KRB_PINGPONG.NASL"], "type": "nessus"}, {"idList": ["RHSA-2013:1076", "RHSA-2013:0942"], "type": "redhat"}, {"idList": ["E3F64457-CCCD-11E2-AF76-206A8A720317"], "type": "freebsd"}, {"idList": ["ELSA-2013-0942"], "type": "oraclelinux"}, {"idList": ["GLSA-201312-12"], "type": "gentoo"}, {"idList": ["DEBIAN:DSA-2701-1:6460A"], "type": "debian"}, {"idList": ["OPENVAS:1361412562310871008", "OPENVAS:1361412562310881749", "OPENVAS:892701", "OPENVAS:1361412562310120029", "OPENVAS:881749", "OPENVAS:1361412562310892701", "OPENVAS:1361412562310881748", "OPENVAS:1361412562310802056", "OPENVAS:802056", "OPENVAS:1361412562310123609"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:30412", "SECURITYVULNS:VULN:13094", "SECURITYVULNS:DOC:29428"], "type": "securityvulns"}]}, "score": {"modified": "2018-10-02T16:55:23", "value": 5.0, "vector": "NONE"}}, "hash": "e713240ea7be23ec2475f49d068aa0d0978f1a82cf0ad1a9cba062b79453ee0e", "hashmap": [{"hash": "88540c945aca9f3eb5b279fe2606a156", "key": "cvelist"}, {"hash": "ae6c6f82d80f438f2f9407d5d6cf1fa6", "key": "references"}, {"hash": "46174b56c342a20af70cf12edbd5c316", "key": "affectedPackage"}, {"hash": "2d0d4809e6bdb6f4db3e547f27b1873c", "key": "type"}, {"hash": "381989b5c012eeeea2e02d9eda24d1fd", "key": "title"}, {"hash": "b3b3a6ac74ecbd56bcdbefa4799fb9df", "key": "reporter"}, {"hash": "0511d46f1f56a1ae80ff65138ea350cf", "key": "href"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "cbb87d74815b40c0d23b2c4c23c86b5c", "key": "description"}, {"hash": "83f64f6235765bf8631a8b10afb880e8", "key": "published"}, {"hash": "83f64f6235765bf8631a8b10afb880e8", "key": "modified"}], "history": [], "href": "https://alas.aws.amazon.com/ALAS-2013-208.html", "id": "ALAS-2013-208", "lastseen": "2018-10-02T16:55:23", "modified": "2014-09-15T23:15:00", "objectVersion": "1.3", "published": "2014-09-15T23:15:00", "references": ["https://rhn.redhat.com/errata/RHSA-2013-0942.html"], "reporter": "Amazon", "title": "Medium: krb5", "type": "amazon", "viewCount": 1}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2018-10-02T16:55:23"}], "edition": 2, "hashmap": [{"key": "affectedPackage", "hash": "46174b56c342a20af70cf12edbd5c316"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "88540c945aca9f3eb5b279fe2606a156"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "description", "hash": "cbb87d74815b40c0d23b2c4c23c86b5c"}, {"key": "href", "hash": "0511d46f1f56a1ae80ff65138ea350cf"}, {"key": "modified", "hash": "83f64f6235765bf8631a8b10afb880e8"}, {"key": "published", "hash": "83f64f6235765bf8631a8b10afb880e8"}, {"key": "references", "hash": "ae6c6f82d80f438f2f9407d5d6cf1fa6"}, {"key": "reporter", "hash": "b3b3a6ac74ecbd56bcdbefa4799fb9df"}, {"key": "title", "hash": "381989b5c012eeeea2e02d9eda24d1fd"}, {"key": "type", "hash": "2d0d4809e6bdb6f4db3e547f27b1873c"}], "hash": "e400645710100edd27af1dcd7fc3291bfcce1ea9c81130abba6a8353a0df4516", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2002-2443"]}, {"type": "freebsd", "idList": ["E3F64457-CCCD-11E2-AF76-206A8A720317"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_E3F64457CCCD11E2AF76206A8A720317.NASL", "SUSE_11_KRB5-130626.NASL", "FEDORA_2013-8113.NASL", "MANDRIVA_MDVSA-2013-166.NASL", "FEDORA_2013-8219.NASL", "ALA_ALAS-2013-208.NASL", "FEDORA_2013-8212.NASL", "REDHAT-RHSA-2013-0942.NASL", "SUSE_KRB5-8631.NASL", "ORACLELINUX_ELSA-2013-0942.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:871008", "OPENVAS:881748", "OPENVAS:1361412562310120029", "OPENVAS:1361412562310892701", "OPENVAS:892701", "OPENVAS:1361412562310881749", "OPENVAS:802056", "OPENVAS:1361412562310802056", "OPENVAS:1361412562310871008", "OPENVAS:881749"]}, {"type": "centos", "idList": ["CESA-2013:0942"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29428", "SECURITYVULNS:VULN:13094", "SECURITYVULNS:DOC:30412"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0942"]}, {"type": "redhat", "idList": ["RHSA-2013:0942", "RHSA-2013:1076"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2701-1:6460A"]}, {"type": "ubuntu", "idList": ["USN-2810-1"]}, {"type": "gentoo", "idList": ["GLSA-201312-12"]}], "modified": "2019-05-29T17:22:40"}, "score": {"value": 6.3, "vector": "NONE", "modified": "2019-05-29T17:22:40"}, "vulnersScore": 6.3}, "objectVersion": "1.3", "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-libs-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-libs", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-pkinit-openssl-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-pkinit-openssl", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-pkinit-openssl-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-pkinit-openssl", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-debuginfo-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-debuginfo", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-server-ldap-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-server-ldap", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-server-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-server", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "src", "operator": "lt", "packageFilename": "krb5-1.10.3-10.26.amzn1.src.rpm", "packageName": "krb5", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-server-ldap-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-server-ldap", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-devel-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-devel", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-server-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-server", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-workstation-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-workstation", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-debuginfo-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-debuginfo", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "i686", "operator": "lt", "packageFilename": "krb5-devel-1.10.3-10.26.amzn1.i686.rpm", "packageName": "krb5-devel", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-workstation-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-workstation", "packageVersion": "1.10.3-10.26.amzn1"}, {"OS": "Amazon Linux", "OSVersion": "any", "arch": "x86_64", "operator": "lt", "packageFilename": "krb5-libs-1.10.3-10.26.amzn1.x86_64.rpm", "packageName": "krb5-libs", "packageVersion": "1.10.3-10.26.amzn1"}], "scheme": null}

{"cve": [{"lastseen": "2019-05-29T18:07:40", "bulletinFamily": "NVD", "description": "schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.", "modified": "2016-12-07T02:59:00", "id": "CVE-2002-2443", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2443", "published": "2013-05-29T14:29:00", "title": "CVE-2002-2443", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:36", "bulletinFamily": "unix", "description": "\nNo advisory has been released yet.\n\nschpw.c in the kpasswd service in kadmind in MIT Kerberos 5\n\t (aka krb5) before 1.11.3 does not properly validate UDP packets\n\t before sending responses, which allows remote attackers to cause\n\t a denial of service (CPU and bandwidth consumption) via a forged\n\t packet that triggers a communication loop, as demonstrated by\n\t krb_pingpong.nasl, a related issue to CVE-1999-0103.\n\t [CVE-2002-2443].\n\n", "modified": "2013-05-10T00:00:00", "published": "2013-05-10T00:00:00", "id": "E3F64457-CCCD-11E2-AF76-206A8A720317", "href": "https://vuxml.freebsd.org/freebsd/e3f64457-cccd-11e2-af76-206a8a720317.html", "title": "krb5 -- UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443]", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2019-11-01T02:40:00", "bulletinFamily": "scanner", "description": "No advisory has been released yet.\n\nschpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5)\nbefore 1.11.3 does not properly validate UDP packets before sending\nresponses, which allows remote attackers to cause a denial of service\n(CPU and bandwidth consumption) via a forged packet that triggers a\ncommunication loop, as demonstrated by krb_pingpong.nasl, a related\nissue to CVE-1999-0103. [CVE-2002-2443].", "modified": "2019-11-02T00:00:00", "id": "FREEBSD_PKG_E3F64457CCCD11E2AF76206A8A720317.NASL", "href": "https://www.tenable.com/plugins/nessus/66777", "published": "2013-06-04T00:00:00", "title": "FreeBSD : krb5 -- UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] (e3f64457-cccd-11e2-af76-206a8a720317)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66777);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/07/10 16:04:13\");\n\n script_cve_id(\"CVE-2002-2443\");\n\n script_name(english:\"FreeBSD : krb5 -- UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] (e3f64457-cccd-11e2-af76-206a8a720317)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"No advisory has been released yet.\n\nschpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5)\nbefore 1.11.3 does not properly validate UDP packets before sending\nresponses, which allows remote attackers to cause a denial of service\n(CPU and bandwidth consumption) via a forged packet that triggers a\ncommunication loop, as demonstrated by krb_pingpong.nasl, a related\nissue to CVE-1999-0103. [CVE-2002-2443].\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/www/krb5-1.11/\"\n );\n # https://vuxml.freebsd.org/freebsd/e3f64457-cccd-11e2-af76-206a8a720317.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c26750fe\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"krb5<=1.11.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T02:13:54", "bulletinFamily": "scanner", "description": "It was found that kadmind", "modified": "2019-11-02T00:00:00", "id": "ALA_ALAS-2013-208.NASL", "href": "https://www.tenable.com/plugins/nessus/69766", "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : krb5 (ALAS-2013-208)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-208.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69766);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2002-2443\");\n script_xref(name:\"ALAS\", value:\"2013-208\");\n script_xref(name:\"RHSA\", value:\"2013:0942\");\n\n script_name(english:\"Amazon Linux AMI : krb5 (ALAS-2013-208)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that kadmind's kpasswd service did not perform any\nvalidation on incoming network packets, causing it to reply to all\nrequests. A remote attacker could use this flaw to send spoofed\npackets to a kpasswd service that appear to come from kadmind on a\ndifferent server, causing the services to keep replying packets to\neach other, consuming network bandwidth and CPU. (CVE-2002-2443)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-208.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update krb5' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-pkinit-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"krb5-debuginfo-1.10.3-10.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-devel-1.10.3-10.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-libs-1.10.3-10.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-pkinit-openssl-1.10.3-10.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-server-1.10.3-10.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-server-ldap-1.10.3-10.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-workstation-1.10.3-10.26.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-pkinit-openssl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T02:27:09", "bulletinFamily": "scanner", "description": "This update pulls in the upstream fix for a UDP ping-pong\nvulnerability in the kpasswd service provided by kadmind\n(CVE-2002-2443).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2013-8219.NASL", "href": "https://www.tenable.com/plugins/nessus/66579", "published": "2013-05-24T00:00:00", "title": "Fedora 17 : krb5-1.10.2-12.fc17 (2013-8219)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-8219.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66579);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/12/05 20:31:21\");\n\n script_cve_id(\"CVE-2002-2443\");\n script_bugtraq_id(60008);\n script_xref(name:\"FEDORA\", value:\"2013-8219\");\n\n script_name(english:\"Fedora 17 : krb5-1.10.2-12.fc17 (2013-8219)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update pulls in the upstream fix for a UDP ping-pong\nvulnerability in the kpasswd service provided by kadmind\n(CVE-2002-2443).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=962531\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2fe0702c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"krb5-1.10.2-12.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T02:55:14", "bulletinFamily": "scanner", "description": "A vulnerability has been discovered and corrected in krb5 :\n\nThe kpasswd service provided by kadmind was vulnerable to a UDP\nping-pong attack (CVE-2002-2443).\n\nThe updated packages have been patched to correct this issue.", "modified": "2019-11-02T00:00:00", "id": "MANDRIVA_MDVSA-2013-166.NASL", "href": "https://www.tenable.com/plugins/nessus/66535", "published": "2013-05-22T00:00:00", "title": "Mandriva Linux Security Advisory : krb5 (MDVSA-2013:166)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:166. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66535);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/08/02 13:32:55\");\n\n script_cve_id(\"CVE-2002-2443\");\n script_bugtraq_id(60008);\n script_xref(name:\"MDVSA\", value:\"2013:166\");\n\n script_name(english:\"Mandriva Linux Security Advisory : krb5 (MDVSA-2013:166)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been discovered and corrected in krb5 :\n\nThe kpasswd service provided by kadmind was vulnerable to a UDP\nping-pong attack (CVE-2002-2443).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=962531\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-pkinit-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"krb5-1.9.2-3.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"krb5-pkinit-openssl-1.9.2-3.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"krb5-server-1.9.2-3.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.9.2-3.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"krb5-workstation-1.9.2-3.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64krb53-1.9.2-3.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64krb53-devel-1.9.2-3.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-03T12:18:01", "bulletinFamily": "scanner", "description": "This krb5 update fixes a security issue.\n\n - kpasswd UDP ping-pong (bug#825985 / CVE-2002-2443)", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_KRB5-130626.NASL", "href": "https://www.tenable.com/plugins/nessus/68875", "published": "2013-07-14T00:00:00", "title": "SuSE 11.2 / 11.3 Security Update : krb5 (SAT Patch Numbers 7962 / 7968)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68875);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:55 $\");\n\n script_cve_id(\"CVE-2002-2443\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : krb5 (SAT Patch Numbers 7962 / 7968)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This krb5 update fixes a security issue.\n\n - kpasswd UDP ping-pong (bug#825985 / CVE-2002-2443)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2002-2443.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 7962 / 7968 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"krb5-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"krb5-client-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"krb5-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"krb5-client-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"krb5-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"krb5-client-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"krb5-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"krb5-client-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"krb5-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"krb5-apps-clients-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"krb5-apps-servers-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"krb5-client-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"krb5-server-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"krb5-32bit-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"krb5-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"krb5-apps-clients-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"krb5-apps-servers-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"krb5-client-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"krb5-server-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"krb5-32bit-1.6.3-133.49.56.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-133.49.56.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T02:27:09", "bulletinFamily": "scanner", "description": "This update pulls in the upstream fix for a UDP ping-pong\nvulnerability in the kpasswd service provided by kadmind\n(CVE-2002-2443), and modifies the client library to treat KRB5CCNAME\nvalues which begin with ", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2013-8113.NASL", "href": "https://www.tenable.com/plugins/nessus/66597", "published": "2013-05-26T00:00:00", "title": "Fedora 19 : krb5-1.11.2-6.fc19 (2013-8113)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-8113.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66597);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/12/05 20:31:21\");\n\n script_cve_id(\"CVE-2002-2443\");\n script_bugtraq_id(60008);\n script_xref(name:\"FEDORA\", value:\"2013-8113\");\n\n script_name(english:\"Fedora 19 : krb5-1.11.2-6.fc19 (2013-8113)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update pulls in the upstream fix for a UDP ping-pong\nvulnerability in the kpasswd service provided by kadmind\n(CVE-2002-2443), and modifies the client library to treat KRB5CCNAME\nvalues which begin with 'DIR::' in a way that's almost the same as the\nway it treats values which begin with 'DIR:'.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=962531\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?144abe94\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"krb5-1.11.2-6.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T02:15:21", "bulletinFamily": "scanner", "description": "Updated krb5 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third-party, the Key Distribution Center (KDC).\n\nIt was found that kadmind", "modified": "2019-11-02T00:00:00", "id": "CENTOS_RHSA-2013-0942.NASL", "href": "https://www.tenable.com/plugins/nessus/66888", "published": "2013-06-14T00:00:00", "title": "CentOS 5 / 6 : krb5 (CESA-2013:0942)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0942 and \n# CentOS Errata and Security Advisory 2013:0942 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66888);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/02 15:30:18\");\n\n script_cve_id(\"CVE-2002-2443\");\n script_bugtraq_id(60008);\n script_xref(name:\"RHSA\", value:\"2013:0942\");\n\n script_name(english:\"CentOS 5 / 6 : krb5 (CESA-2013:0942)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated krb5 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third-party, the Key Distribution Center (KDC).\n\nIt was found that kadmind's kpasswd service did not perform any\nvalidation on incoming network packets, causing it to reply to all\nrequests. A remote attacker could use this flaw to send spoofed\npackets to a kpasswd service that appear to come from kadmind on a\ndifferent server, causing the services to keep replying packets to\neach other, consuming network bandwidth and CPU. (CVE-2002-2443)\n\nAll krb5 users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the updated\npackages, the krb5kdc and kadmind daemons will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-June/019785.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74e27261\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-June/019786.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2302d2ab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-pkinit-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-devel-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-libs-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-server-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-server-ldap-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-workstation-1.6.1-70.el5_9.2\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"krb5-devel-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"krb5-libs-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"krb5-pkinit-openssl-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"krb5-server-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"krb5-server-ldap-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"krb5-workstation-1.10.3-10.el6_4.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit-openssl / krb5-server / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T02:27:09", "bulletinFamily": "scanner", "description": "This update pulls in the upstream fix for a UDP ping-pong\nvulnerability in the kpasswd service provided by kadmind\n(CVE-2002-2443).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2013-8212.NASL", "href": "https://www.tenable.com/plugins/nessus/66534", "published": "2013-05-22T00:00:00", "title": "Fedora 18 : krb5-1.10.3-17.fc18 (2013-8212)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-8212.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66534);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/12/05 20:31:21\");\n\n script_cve_id(\"CVE-2002-2443\");\n script_bugtraq_id(60008);\n script_xref(name:\"FEDORA\", value:\"2013-8212\");\n\n script_name(english:\"Fedora 18 : krb5-1.10.3-17.fc18 (2013-8212)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update pulls in the upstream fix for a UDP ping-pong\nvulnerability in the kpasswd service provided by kadmind\n(CVE-2002-2443).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=962531\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e9e6caf9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"krb5-1.10.3-17.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-03T12:30:05", "bulletinFamily": "scanner", "description": "This krb5 update fixes a security issue.\n\n - kpasswd UDP ping-pong (bug#825985 / CVE-2002-2443)", "modified": "2019-11-02T00:00:00", "id": "SUSE_KRB5-8631.NASL", "href": "https://www.tenable.com/plugins/nessus/68877", "published": "2013-07-14T00:00:00", "title": "SuSE 10 Security Update : krb5 (ZYPP Patch Number 8631)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68877);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2013/07/14 23:43:58 $\");\n\n script_cve_id(\"CVE-2002-2443\");\n\n script_name(english:\"SuSE 10 Security Update : krb5 (ZYPP Patch Number 8631)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This krb5 update fixes a security issue.\n\n - kpasswd UDP ping-pong (bug#825985 / CVE-2002-2443)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2002-2443.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8631.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"krb5-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"krb5-client-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"krb5-devel-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"krb5-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"krb5-apps-clients-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"krb5-apps-servers-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"krb5-client-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"krb5-devel-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"krb5-server-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.49.53.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.49.53.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T03:14:26", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2013:0942 :\n\nUpdated krb5 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third-party, the Key Distribution Center (KDC).\n\nIt was found that kadmind", "modified": "2019-11-02T00:00:00", "id": "ORACLELINUX_ELSA-2013-0942.NASL", "href": "https://www.tenable.com/plugins/nessus/68835", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : krb5 (ELSA-2013-0942)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0942 and \n# Oracle Linux Security Advisory ELSA-2013-0942 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68835);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/09/30 10:58:18\");\n\n script_cve_id(\"CVE-2002-2443\");\n script_bugtraq_id(60008);\n script_xref(name:\"RHSA\", value:\"2013:0942\");\n\n script_name(english:\"Oracle Linux 5 / 6 : krb5 (ELSA-2013-0942)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0942 :\n\nUpdated krb5 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third-party, the Key Distribution Center (KDC).\n\nIt was found that kadmind's kpasswd service did not perform any\nvalidation on incoming network packets, causing it to reply to all\nrequests. A remote attacker could use this flaw to send spoofed\npackets to a kpasswd service that appear to come from kadmind on a\ndifferent server, causing the services to keep replying packets to\neach other, consuming network bandwidth and CPU. (CVE-2002-2443)\n\nAll krb5 users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the updated\npackages, the krb5kdc and kadmind daemons will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-June/003514.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-June/003515.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-pkinit-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"krb5-devel-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-libs-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-server-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-server-ldap-1.6.1-70.el5_9.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-workstation-1.6.1-70.el5_9.2\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"krb5-devel-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"krb5-libs-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"krb5-pkinit-openssl-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"krb5-server-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"krb5-server-ldap-1.10.3-10.el6_4.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"krb5-workstation-1.10.3-10.el6_4.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit-openssl / krb5-server / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:54", "bulletinFamily": "unix", "description": "[1.10.3-10.3]\n- pull up fix for UDP ping-pong flaw in kpasswd service (CVE-2002-2443,", "modified": "2013-06-12T00:00:00", "published": "2013-06-12T00:00:00", "id": "ELSA-2013-0942", "href": "http://linux.oracle.com/errata/ELSA-2013-0942.html", "title": "krb5 security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2018-01-02T10:58:34", "bulletinFamily": "scanner", "description": "This host is running MIT Kerberos and is prone to denial of\n service vulnerability.", "modified": "2017-12-22T00:00:00", "published": "2013-06-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=802056", "id": "OPENVAS:802056", "title": "MIT Kerberos 5 kpasswd UDP Packet Denial Of Service Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mit_krb5_kpasswd_pingpong_dos_vuln.nasl 8236 2017-12-22 10:28:23Z cfischer $\n#\n# MIT Kerberos 5 kpasswd UDP Packet Denial Of Service Vulnerability\n#\n# Authors:\n# Veerendra G.G <veerendragg@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attacker to cause a denial of service via\n a forged packet that triggers a communication loop.\n Impact Level: Application\";\n\ntag_affected = \"MIT Kerberos 5 before 1.11.3\";\ntag_insight = \"The flaw is caused due to the kpasswd application does not properly validate\n UDP packets before sending responses and can be exploited to exhaust CPU and\n network resources via the UDP 'ping-pong' attack.\";\ntag_solution = \"Upgrade to MIT Kerberos 5 version 1.11.3 or later,\n For updates refer to http://web.mit.edu/kerberos\";\ntag_summary = \"This host is running MIT Kerberos and is prone to denial of\n service vulnerability.\";\n\nif(description)\n{\n script_id(802056);\n script_version(\"$Revision: 8236 $\");\n script_bugtraq_id(60008);\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 11:28:23 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-20 10:48:39 +0530 (Thu, 20 Jun 2013)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"MIT Kerberos 5 kpasswd UDP Packet Denial Of Service Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/53375\");\n script_xref(name : \"URL\" , value : \"http://seclists.org/oss-sec/2013/q2/316\");\n script_xref(name : \"URL\" , value : \"http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637\");\n script_xref(name : \"URL\" , value : \"https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_require_udp_ports(464);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"network_func.inc\");\n\n## Variable Initialization\nres = \"\";\nsock = \"\";\ncrap_data = \"\";\n\n## kpasswd UDP port\nkpasswd_port = 464;\n\n## Check UDP port status as get_udp_port_state() not working properly\nif(!check_udp_port_status(dport:kpasswd_port)){\n exit(0);\n}\n\n## Check port status\nsock = open_sock_udp(kpasswd_port);\nif(!sock){\n exit(0);\n}\n\n## Some crap data\ncrap_data = crap(25);\n\nsend(socket:sock, data:crap_data);\nres = recv(socket:sock, length:512);\n\n## If kpasswd responds means it's vulnerable to ping-pong attack\nif(\"kadmin\" >< res && \"changepw\" >< res)\n{\n security_message(port:kpasswd_port, protocol:\"udp\");\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:08", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2013-06-13T00:00:00", "id": "OPENVAS:1361412562310871008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871008", "title": "RedHat Update for krb5 RHSA-2013:0942-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for krb5 RHSA-2013:0942-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871008\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-13 10:05:34 +0530 (Thu, 13 Jun 2013)\");\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for krb5 RHSA-2013:0942-01\");\n\n script_xref(name:\"RHSA\", value:\"2013:0942-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-June/msg00013.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'krb5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"krb5 on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third-party, the Key Distribution Center (KDC).\n\n It was found that kadmind's kpasswd service did not perform any validation\n on incoming network packets, causing it to reply to all requests. A remote\n attacker could use this flaw to send spoofed packets to a kpasswd\n service that appear to come from kadmind on a different server, causing the\n services to keep replying packets to each other, consuming network\n bandwidth and CPU. (CVE-2002-2443)\n\n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing the updated\n packages, the krb5kdc and kadmind daemons will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-pkinit-openssl\", rpm:\"krb5-pkinit-openssl~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:28", "bulletinFamily": "scanner", "description": "This host is running MIT Kerberos and is prone to denial of\n service vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2013-06-20T00:00:00", "id": "OPENVAS:1361412562310802056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802056", "title": "MIT Kerberos 5 kpasswd UDP Packet Denial Of Service Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mit_krb5_kpasswd_pingpong_dos_vuln.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# MIT Kerberos 5 kpasswd UDP Packet Denial Of Service Vulnerability\n#\n# Authors:\n# Veerendra G.G <veerendragg@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802056\");\n script_version(\"$Revision: 11865 $\");\n script_bugtraq_id(60008);\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-20 10:48:39 +0530 (Thu, 20 Jun 2013)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"MIT Kerberos 5 kpasswd UDP Packet Denial Of Service Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/53375\");\n script_xref(name:\"URL\", value:\"http://seclists.org/oss-sec/2013/q2/316\");\n script_xref(name:\"URL\", value:\"http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637\");\n script_xref(name:\"URL\", value:\"https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_require_udp_ports(464);\n script_dependencies(\"gb_kerberos_detect_udp.nasl\");\n script_mandatory_keys(\"kerberos/detected\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to cause a denial of service via\n a forged packet that triggers a communication loop.\");\n script_tag(name:\"affected\", value:\"MIT Kerberos 5 before 1.11.3\");\n script_tag(name:\"insight\", value:\"The flaw is caused due to the kpasswd application does not properly validate\n UDP packets before sending responses and can be exploited to exhaust CPU and\n network resources via the UDP 'ping-pong' attack.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"solution\", value:\"Upgrade to MIT Kerberos 5 version 1.11.3 or later.\");\n script_tag(name:\"summary\", value:\"This host is running MIT Kerberos and is prone to denial of\n service vulnerability.\");\n script_xref(name:\"URL\", value:\"http://web.mit.edu/kerberos\");\n exit(0);\n}\n\n\ninclude(\"network_func.inc\");\n\n## kpasswd UDP port\nkpasswd_port = 464;\n\nif(!check_udp_port_status(dport:kpasswd_port)){\n exit(0);\n}\n\nsock = open_sock_udp(kpasswd_port);\nif(!sock){\n exit(0);\n}\n\n## Some crap data\ncrap_data = crap(25);\n\nsend(socket:sock, data:crap_data);\nres = recv(socket:sock, length:512);\n\n## If kpasswd responds means it's vulnerable to ping-pong attack\nif(\"kadmin\" >< res && \"changepw\" >< res)\n{\n security_message(port:kpasswd_port, protocol:\"udp\");\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:52:06", "bulletinFamily": "scanner", "description": "It was discovered that the kpasswd service running on UDP port 464\ncould respond to response packets, creating a packet loop and a denial\nof service condition.", "modified": "2017-07-07T00:00:00", "published": "2013-05-29T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=892701", "id": "OPENVAS:892701", "title": "Debian Security Advisory DSA 2701-1 (krb5 - denial of service)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2701.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2701-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"krb5 on Debian Linux\";\ntag_insight = \"Kerberos is a system for authenticating users and services on a network.\nKerberos is a trusted third-party service.\";\ntag_solution = \"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 1.8.3+dfsg-4squeeze7.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.10.1+dfsg-5+deb7u1.\n\nFor the testing distribution (jessie), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.10.1+dfsg-6.\n\nWe recommend that you upgrade your krb5 packages.\";\ntag_summary = \"It was discovered that the kpasswd service running on UDP port 464\ncould respond to response packets, creating a packet loop and a denial\nof service condition.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892701);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2002-2443\");\n script_name(\"Debian Security Advisory DSA 2701-1 (krb5 - denial of service)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-05-29 00:00:00 +0200 (Wed, 29 May 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2701.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc-ldap\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-multidev\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-pkinit\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi-krb5-2\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssrpc4\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libk5crypto3\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt-mit7\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv-mit7\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdb5-4\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-3\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5support0\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-gss-samples\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc-ldap\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-locales\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-multidev\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-pkinit\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi-krb5-2\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssrpc4\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libk5crypto3\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt-mit8\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv-mit8\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdb5-6\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-3\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5support0\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:05", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2018-10-01T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120029", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120029", "title": "Amazon Linux Local Check: ALAS-2013-208", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2013-208.nasl 6577 2017-07-06 13:43:46Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120029\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:15:41 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2013-208\");\n script_tag(name:\"insight\", value:\"It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the services to keep replying packets to each other, consuming network bandwidth and CPU. (CVE-2002-2443 )\");\n script_tag(name:\"solution\", value:\"Run yum update krb5 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-208.html\");\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.10.3~10.26.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.10.3~10.26.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.10.3~10.26.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"krb5-pkinit-openssl\", rpm:\"krb5-pkinit-openssl~1.10.3~10.26.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.10.3~10.26.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.10.3~10.26.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.10.3~10.26.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-26T11:09:33", "bulletinFamily": "scanner", "description": "Check for the Version of krb5", "modified": "2018-01-26T00:00:00", "published": "2013-06-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=871008", "id": "OPENVAS:871008", "title": "RedHat Update for krb5 RHSA-2013:0942-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for krb5 RHSA-2013:0942-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third-party, the Key Distribution Center (KDC).\n\n It was found that kadmind's kpasswd service did not perform any validation\n on incoming network packets, causing it to reply to all requests. A remote\n attacker could use this flaw to send spoofed packets to a kpasswd\n service that appear to come from kadmind on a different server, causing the\n services to keep replying packets to each other, consuming network\n bandwidth and CPU. (CVE-2002-2443)\n\n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing the updated\n packages, the krb5kdc and kadmind daemons will be restarted automatically.\";\n\n\ntag_affected = \"krb5 on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(871008);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-13 10:05:34 +0530 (Thu, 13 Jun 2013)\");\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for krb5 RHSA-2013:0942-01\");\n\n script_xref(name: \"RHSA\", value: \"2013:0942-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2013-June/msg00013.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-pkinit-openssl\", rpm:\"krb5-pkinit-openssl~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.10.3~10.el6_4.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~70.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:00", "bulletinFamily": "scanner", "description": "It was discovered that the kpasswd service running on UDP port 464\ncould respond to response packets, creating a packet loop and a denial\nof service condition.", "modified": "2019-03-18T00:00:00", "published": "2013-05-29T00:00:00", "id": "OPENVAS:1361412562310892701", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892701", "title": "Debian Security Advisory DSA 2701-1 (krb5 - denial of service)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2701.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2701-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892701\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2002-2443\");\n script_name(\"Debian Security Advisory DSA 2701-1 (krb5 - denial of service)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-29 00:00:00 +0200 (Wed, 29 May 2013)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2701.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"krb5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 1.8.3+dfsg-4squeeze7.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.10.1+dfsg-5+deb7u1.\n\nFor the testing distribution (jessie), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.10.1+dfsg-6.\n\nWe recommend that you upgrade your krb5 packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that the kpasswd service running on UDP port 464\ncould respond to response packets, creating a packet loop and a denial\nof service condition.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-kdc-ldap\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-multidev\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-pkinit\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgssapi-krb5-2\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgssrpc4\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libk5crypto3\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkadm5clnt-mit7\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkadm5srv-mit7\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdb5-4\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-3\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5support0\", ver:\"1.8.3+dfsg-4squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-gss-samples\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-kdc-ldap\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-locales\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-multidev\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-pkinit\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgssapi-krb5-2\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgssrpc4\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libk5crypto3\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkadm5clnt-mit8\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkadm5srv-mit8\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdb5-6\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-3\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5support0\", ver:\"1.10.1+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:14", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:1361412562310881749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881749", "title": "CentOS Update for krb5-devel CESA-2013:0942 centos5", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for krb5-devel CESA-2013:0942 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881749\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:39:56 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for krb5-devel CESA-2013:0942 centos5\");\n\n script_xref(name:\"CESA\", value:\"2013:0942\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-June/019785.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'krb5-devel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"krb5-devel on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third-party, the Key Distribution Center (KDC).\n\n It was found that kadmind's kpasswd service did not perform any validation\n on incoming network packets, causing it to reply to all requests. A remote\n attacker could use this flaw to send spoofed packets to a kpasswd\n service that appear to come from kadmind on a different server, causing the\n services to keep replying packets to each other, consuming network\n bandwidth and CPU. (CVE-2002-2443)\n\n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing the updated\n packages, the krb5kdc and kadmind daemons will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-18T11:08:42", "bulletinFamily": "scanner", "description": "Check for the Version of krb5-devel", "modified": "2018-01-18T00:00:00", "published": "2013-06-18T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881748", "id": "OPENVAS:881748", "title": "CentOS Update for krb5-devel CESA-2013:0942 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for krb5-devel CESA-2013:0942 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third-party, the Key Distribution Center (KDC).\n\n It was found that kadmind's kpasswd service did not perform any validation\n on incoming network packets, causing it to reply to all requests. A remote\n attacker could use this flaw to send spoofed packets to a kpasswd\n service that appear to come from kadmind on a different server, causing the\n services to keep replying packets to each other, consuming network\n bandwidth and CPU. (CVE-2002-2443)\n\n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing the updated\n packages, the krb5kdc and kadmind daemons will be restarted automatically.\";\n\n\ntag_affected = \"krb5-devel on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(881748);\n script_version(\"$Revision: 8456 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 07:58:40 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:39:52 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for krb5-devel CESA-2013:0942 centos6 \");\n\n script_xref(name: \"CESA\", value: \"2013:0942\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-June/019786.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5-devel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.10.3~10.el6_4.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.10.3~10.el6_4.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-pkinit-openssl\", rpm:\"krb5-pkinit-openssl~1.10.3~10.el6_4.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.10.3~10.el6_4.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.10.3~10.el6_4.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.10.3~10.el6_4.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.10.3~10.el6_4.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-24T11:09:42", "bulletinFamily": "scanner", "description": "Check for the Version of krb5-devel", "modified": "2018-01-24T00:00:00", "published": "2013-06-18T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881749", "id": "OPENVAS:881749", "title": "CentOS Update for krb5-devel CESA-2013:0942 centos5 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for krb5-devel CESA-2013:0942 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third-party, the Key Distribution Center (KDC).\n\n It was found that kadmind's kpasswd service did not perform any validation\n on incoming network packets, causing it to reply to all requests. A remote\n attacker could use this flaw to send spoofed packets to a kpasswd\n service that appear to come from kadmind on a different server, causing the\n services to keep replying packets to each other, consuming network\n bandwidth and CPU. (CVE-2002-2443)\n\n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing the updated\n packages, the krb5kdc and kadmind daemons will be restarted automatically.\";\n\n\ntag_affected = \"krb5-devel on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(881749);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:39:56 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2002-2443\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for krb5-devel CESA-2013:0942 centos5 \");\n\n script_xref(name: \"CESA\", value: \"2013:0942\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-June/019785.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5-devel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.1~70.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:48", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2701-1 security@debian.org\r\nhttp://www.debian.org/security/ Michael Gilbert\r\nMay 29, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : krb5\r\nVulnerability : denial of service\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2002-2443\r\nDebian Bug : 708267\r\n\r\nIt was discovered that the kpasswd service running on UDP port 464\r\ncould respond to response packets, creating a packet loop and a denial\r\nof service condition.\r\n\r\nFor the oldstable distribution &#40;squeeze&#41;, this problem has been fixed in\r\nversion 1.8.3+dfsg-4squeeze7.\r\n\r\nFor the stable distribution &#40;wheezy&#41;, this problem has been fixed in\r\nversion 1.10.1+dfsg-5+deb7u1.\r\n\r\nFor the testing distribution &#40;jessie&#41;, this problem will be fixed soon.\r\n\r\nFor the unstable distribution &#40;sid&#41;, this problem has been fixed in\r\nversion 1.10.1+dfsg-6.\r\n\r\nWe recommend that you upgrade your krb5 packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 &#40;GNU/Linux&#41;\r\n\r\niQEcBAEBAgAGBQJRq7cMAAoJEL97/wQC1SS+XokH/32tha0CmciAxPGHrbMg2sdq\r\nsETbeDWKmClD9FLBBh4q6F69L6rA2mvBpuB01bL56UTvBHMOqHzIfyKYyhSDJ8N9\r\niU4FYQe3y2YHDyYhtMmckvsfPZeqQuxbBr9+zrEwZmi3zGzyTRMNeyfNpVdUo5SQ\r\nYpNcw3ycia3wIsuVrdp74TSUowAgojvvCVxU9F6JuiXc7SNbu7/PiPXt3d4Y9agq\r\nS/7D2IgLotNAclGP+Qwrvu4OEoZrGZ6wKMA5Elzh/YSW+LWQNTKRWAZu5S7KIkOb\r\n4+4sNfaDoRaVmo6cY+VoQcDxxwabkyQVhtk9NZdwqhIm/wZAdw9pIb+UgH5b47s=\r\n=uI9w\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-06-03T00:00:00", "published": "2013-06-03T00:00:00", "id": "SECURITYVULNS:DOC:29428", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29428", "title": "[SECURITY] [DSA 2701-1] krb5 security update", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "description": "Server sends response to response, it makes it possible to loop packets between two servers.", "modified": "2013-06-03T00:00:00", "published": "2013-06-03T00:00:00", "id": "SECURITYVULNS:VULN:13094", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13094", "title": "MIT Kerberos 5 DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n\r\n\r\nESA-2014-016.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2014-016: EMC VPLEX Multiple Vulnerabilities\r\n\r\nEMC Identifier: ESA-2014-016 \r\n\r\nCVE Identifier: See below for individual CVEs\r\n\r\nSeverity Rating: CVSS v2 Base Score: See below for individual CVSS scores\r\n\r\nAffected products: \r\n\r\nAll versions from VPLEX GeoSynchrony 4.0 through VPLEX GeoSynchrony 5.2.1 are affected\r\n\r\nSummary: \r\n\r\nEMC VPLEX GeoSynchrony 5.3 contains fixes for multiple vulnerabilities that could potentially be exploited by malicious users.\r\n\r\nDetails: \r\n\r\n\u2022Multiple Vulnerabilities affecting the VPLEX Web GUI. Please refer to the NVD website &#40;http://web.nvd.nist.gov/&#41; for more details on the below CVEs\r\n\r\nPath Traversal vulnerability in VPLEX GUI \u2013 CVE-2014-0632\r\nCVSS v2 Base Score: 9.0 &#40;AV:N/AC:L/Au:S/C:C/I:C/A:C&#41; \r\n\r\nVPLEX GUI Session Timeout validity vulnerability \u2013 CVE-2014-0633 \r\nCVSS v2 Base Score: 7.7 &#40;AV:A/AC:L/Au:S/C:C/I:C/A:C&#41;\r\n\r\nMissing HttpOnly attribute vulnerability \u2013 CVE-2014-0634\r\nCVSS v2 Base Score: 6 &#40;AV:N/AC:M/Au:S/C:P/I:P/A:P&#41;\r\n\r\nSession Fixation vulnerability \u2013 CVE-2014-0635\r\nCVSS v2 Base Score: 7.5 &#40;AV:N/AC:M/Au:S/C:C/I:P/A:P&#41;\r\n\r\nBEAST Attack \u2013 CVE-2011-3389\r\nCVSS v2 Base Score: See NVD advisory for the CVSS score.\r\n\r\n\u2022Multiple Embedded Component Vulnerabilities\r\n\r\nMultiple vulnerabilities in the following embedded components of the SLES Operating System have been fixed:\r\n\tKernel: CVE-2011-1044, CVE-2011-4110, CVE-2012-2136\r\n\tperl: CVE-2002-2443\r\n\tkrb5: CVE-2013-1667\r\n\tbind packages: CVE-2012-5166\r\nCVSS v2 Base Score: See NVD advisory for the individual CVSS scores.\r\n\r\nRemote Information Disclosure vulnerability in OpenSSH - CVE-2012-0814\r\nCVSS v2 Base Score: See NVD advisory for the CVSS score.\r\n\r\nMultiple vulnerabilities in Oracle Java and Apache Tomcat: This release also contains critical security updates for Oracle Java and Apache Tomcat. Oracle Java has been upgraded to 1.6.0_45 and Apache tomcat has been upgraded to 6.0.36. Please refer the following links for more information:\r\n\tJava: http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html \r\n\tTomcat: https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36 \r\nCVSS v2 Base Score: See vendor advisory for the individual CVSS scores.\r\n\r\nResolution:\r\n \r\nEMC recommends all customers to upgrade to VPLEX GeoSynchrony version 5.3 at their earliest opportunity. \r\n\r\nLink to remedies:\r\n\r\nCustomers can download the software from Support Zone.\r\n\r\n\r\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.\r\n\r\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided &quot;as is&quot; without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 &#40;Cygwin&#41;\r\n\r\niEYEARECAAYFAlMy6mgACgkQtjd2rKp+ALwqbACgmMupmaxQ1GTwg1a1onHdgo4Q\r\nBxYAn1iAOq12nZ2WudlyECe9hrNp/DEc\r\n=7q/t\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2014-03-31T00:00:00", "published": "2014-03-31T00:00:00", "id": "SECURITYVULNS:DOC:30412", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30412", "title": "ESA-2014-016: EMC VPLEX Multiple Vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-05-29T18:33:22", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:0942\n\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third-party, the Key Distribution Center (KDC).\n\nIt was found that kadmind's kpasswd service did not perform any validation\non incoming network packets, causing it to reply to all requests. A remote\nattacker could use this flaw to send spoofed packets to a kpasswd\nservice that appear to come from kadmind on a different server, causing the\nservices to keep replying packets to each other, consuming network\nbandwidth and CPU. (CVE-2002-2443)\n\nAll krb5 users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing the updated\npackages, the krb5kdc and kadmind daemons will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-June/019785.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-June/019786.html\n\n**Affected packages:**\nkrb5\nkrb5-devel\nkrb5-libs\nkrb5-pkinit-openssl\nkrb5-server\nkrb5-server-ldap\nkrb5-workstation\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0942.html", "modified": "2013-06-13T10:10:55", "published": "2013-06-13T02:16:03", "href": "http://lists.centos.org/pipermail/centos-announce/2013-June/019785.html", "id": "CESA-2013:0942", "title": "krb5 security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:19", "bulletinFamily": "unix", "description": "Kerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third-party, the Key Distribution Center (KDC).\n\nIt was found that kadmind's kpasswd service did not perform any validation\non incoming network packets, causing it to reply to all requests. A remote\nattacker could use this flaw to send spoofed packets to a kpasswd\nservice that appear to come from kadmind on a different server, causing the\nservices to keep replying packets to each other, consuming network\nbandwidth and CPU. (CVE-2002-2443)\n\nAll krb5 users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing the updated\npackages, the krb5kdc and kadmind daemons will be restarted automatically.\n", "modified": "2018-06-06T20:24:36", "published": "2013-06-12T04:00:00", "id": "RHSA-2013:0942", "href": "https://access.redhat.com/errata/RHSA-2013:0942", "type": "redhat", "title": "(RHSA-2013:0942) Moderate: krb5 security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nIt was discovered that the fix for the CVE-2013-1619 issue released via\nRHSA-2013:0636 introduced a regression in the way GnuTLS decrypted TLS/SSL\nencrypted records when CBC-mode cipher suites were used. A remote attacker\ncould possibly use this flaw to crash a server or client application that\nuses GnuTLS. (CVE-2013-2116)\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-2174 (curl issue)\n\nCVE-2012-6548, CVE-2013-0914, CVE-2013-1848, CVE-2013-2128, CVE-2013-2634,\nCVE-2013-2635, CVE-2013-2852, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225,\nand CVE-2013-3301 (kernel issues)\n\nCVE-2002-2443 (krb5 issue)\n\nCVE-2013-1950 (libtirpc issue)\n\nUpgrade Note: If you upgrade the Red Hat Enterprise Virtualization\nHypervisor through the 3.2 Manager administration portal, the Host may\nappear with the status of \"Install Failed\". If this happens, place the host\ninto maintenance mode, then activate it again to get the host back to an\n\"Up\" state. \n\nThis update also contains the fixes from the following errata:\n\n* ovirt-node: RHBA-2013:1077\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "modified": "2018-06-07T08:59:39", "published": "2013-07-16T04:00:00", "id": "RHSA-2013:1076", "href": "https://access.redhat.com/errata/RHSA-2013:1076", "type": "redhat", "title": "(RHSA-2013:1076) Important: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:22:49", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2701-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nMay 29, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2002-2443\nDebian Bug : 708267\n\nIt was discovered that the kpasswd service running on UDP port 464\ncould respond to response packets, creating a packet loop and a denial\nof service condition.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 1.8.3+dfsg-4squeeze7.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.10.1+dfsg-5+deb7u1.\n\nFor the testing distribution (jessie), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.10.1+dfsg-6.\n\nWe recommend that you upgrade your krb5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-06-02T21:12:25", "published": "2013-06-02T21:12:25", "id": "DEBIAN:DSA-2701-1:6460A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00109.html", "title": "[SECURITY] [DSA 2701-1] krb5 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:44", "bulletinFamily": "unix", "description": "### Background\n\nMIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the Key Distribution Center in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could send a specially crafted request, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Additionally, a remote attacker could impersonate a kadmind server and send a specially crafted packet to the password change port, which can result in a ping-pong condition and a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.11.4\"", "modified": "2013-12-16T00:00:00", "published": "2013-12-16T00:00:00", "id": "GLSA-201312-12", "href": "https://security.gentoo.org/glsa/201312-12", "type": "gentoo", "title": "MIT Kerberos 5: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2019-05-29T19:21:37", "bulletinFamily": "unix", "description": "It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2002-2443)\n\nIt was discovered that Kerberos incorrectly handled null bytes in certain data fields. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-5355)\n\nIt was discovered that the Kerberos kdcpreauth modules incorrectly tracked certain client requests. A remote attacker could possibly use this issue to bypass intended preauthentication requirements. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-2694)\n\nIt was discovered that Kerberos incorrectly handled certain SPNEGO packets. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2015-2695)\n\nIt was discovered that Kerberos incorrectly handled certain IAKERB packets. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2015-2696, CVE-2015-2698)\n\nIt was discovered that Kerberos incorrectly handled certain TGS requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2015-2697)", "modified": "2015-11-12T00:00:00", "published": "2015-11-12T00:00:00", "id": "USN-2810-1", "href": "https://usn.ubuntu.com/2810-1/", "title": "Kerberos vulnerabilities", "type": "ubuntu", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}]}