ID de Prueba:	1.3.6.1.4.1.25623.1.0.802056
Categoría:	Denial of Service
Título:	MIT Kerberos 5 kpasswd UDP Packet DoS Vulnerability
Resumen:	MIT Kerberos is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: MIT Kerberos is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw exists because the kpasswd application does not properly validate UDP packets before sending responses and can be exploited to exhaust CPU and network resources via the UDP 'ping-pong' attack. Vulnerability Impact: Successful exploitation will allow attacker to cause a DoS via a forged packet that triggers a communication loop. Affected Software/OS: MIT Kerberos 5 before 1.11.3. Solution: Update to MIT Kerberos 5 version 1.11.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	BugTraq ID: 60008 Common Vulnerability Exposure (CVE) ID: CVE-2002-2443 Debian Security Information: DSA-2701 (Google Search) http://www.debian.org/security/2013/dsa-2701 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:166 RedHat Security Advisories: RHSA-2013:0942 http://rhn.redhat.com/errata/RHSA-2013-0942.html SuSE Security Announcement: openSUSE-SU-2013:1119 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html SuSE Security Announcement: openSUSE-SU-2013:1122 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html http://www.ubuntu.com/usn/USN-2810-1
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.