Computer Security
[EN] no-pyccku

MIT Kerberos 5 DoS
SecurityVulns ID:13094
Threat Level:
Description:Server sends response to response, it makes it possible to loop packets between two servers.
Affected:MIT : krb5 1.11
CVE:CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2701-1] krb5 security update (03.06.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod