SUSE: Security Advisory (SUSE-SU-2013:1190-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2810-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2810-1: Kerberos vulnerabilities

It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2002-2443 It was discovered that Kerberos...

Oracle: Security Advisory (ELSA-2013-0942)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : krb5 (openSUSE-SU-2013:1119-1)

This update fixes a kpasswd UDP ping-pong security bug CVE-2002-2443. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-546. The text description of this plugin is C SUSE LLC...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

SuSE 11.2 / 11.3 Security Update : krb5 (SAT Patch Numbers 7962 / 7968)

This krb5 update fixes a security issue. - kpasswd UDP ping-pong bug825985 / CVE-2002-2443 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. if...

SuSE 10 Security Update : krb5 (ZYPP Patch Number 8631)

This krb5 update fixes a security issue. - kpasswd UDP ping-pong bug825985 / CVE-2002-2443 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid68877;...

Medium: krb5

Issue Overview: It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server,...

CentOS Update for krb5-devel CESA-2013:0942 centos6

Check for the Version of krb5-devel OpenVAS Vulnerability Test CentOS Update for krb5-devel CESA-2013:0942 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Update for krb5-devel CESA-2013:0942 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : krb5 on SL5.x, SL6.x i386/x86_64 (20130612)

It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the...

RHEL 5 / 6 : krb5 (RHSA-2013:0942)

Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Updated krb5 packages fix security vulnerability

The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack CVE-2002-2443...

[SECURITY] [DSA 2701-1] krb5 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2701-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 29, 2013 http://www.debian.org/security/faq -...

CVE-2002-2443

schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 aka krb5 before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service CPU and bandwidth consumption via a forged packet that triggers a communication loop, as...

CVE-2002-2443

CVE-2002-2443 affects MIT Kerberos 5 (krb5) kadmind, specifically the kpasswd service, where schpw.c does not validate incoming UDP packets. This can allow a remote attacker to cause a denial of service via a forged UDP packet that triggers a packet/communication loop, consuming CPU and bandwidth...

Fedora 19 : krb5-1.11.2-6.fc19 (2013-8113)

This update pulls in the upstream fix for a UDP ping-pong vulnerability in the kpasswd service provided by kadmind CVE-2002-2443, and modifies the client library to treat KRB5CCNAME values which begin with 'DIR::' in a way that's almost the same as the way it treats values which begin with 'DIR:'...

Fedora 18 : krb5-1.10.3-17.fc18 (2013-8212)

This update pulls in the upstream fix for a UDP ping-pong vulnerability in the kpasswd service provided by kadmind CVE-2002-2443. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically cle...

Mandriva Linux Security Advisory : krb5 (MDVSA-2013:166)

A vulnerability has been discovered and corrected in krb5 : The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack CVE-2002-2443. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...