Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2002-2443
Description:schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
Test IDs: 1.3.6.1.4.1.25623.1.0.802056   1.3.6.1.4.1.25623.1.0.881749   1.3.6.1.4.1.25623.1.0.871008   1.3.6.1.4.1.25623.1.0.892701   1.3.6.1.4.1.25623.1.0.881748   1.3.6.1.4.1.25623.1.0.120029   1.3.6.1.4.1.25623.1.0.123609   1.3.6.1.4.1.25623.1.0.702701   1.3.6.1.4.1.25623.1.1.4.2013.1190.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2002-2443
Debian Security Information: DSA-2701 (Google Search)
http://www.debian.org/security/2013/dsa-2701
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:166
RedHat Security Advisories: RHSA-2013:0942
http://rhn.redhat.com/errata/RHSA-2013-0942.html
SuSE Security Announcement: openSUSE-SU-2013:1119 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1122 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html
http://www.ubuntu.com/usn/USN-2810-1




© 1998-2021 E-Soft Inc. All rights reserved.