CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
99.5%
Debian Security Advisory DSA-2701-1 [email protected]
http://www.debian.org/security/ Michael Gilbert
May 29, 2013 http://www.debian.org/security/faq
Package : krb5
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE ID : CVE-2002-2443
Debian Bug : 708267
It was discovered that the kpasswd service running on UDP port 464
could respond to response packets, creating a packet loop and a denial
of service condition.
For the oldstable distribution (squeeze), this problem has been fixed in
version 1.8.3+dfsg-4squeeze7.
For the stable distribution (wheezy), this problem has been fixed in
version 1.10.1+dfsg-5+deb7u1.
For the testing distribution (jessie), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1.10.1+dfsg-6.
We recommend that you upgrade your krb5 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | powerpc | krb5-multidev | < 1.10.1+dfsg-5+deb7u1 | krb5-multidev_1.10.1+dfsg-5+deb7u1_powerpc.deb |
Debian | 6 | amd64 | krb5-pkinit | < 1.8.3+dfsg-4squeeze7 | krb5-pkinit_1.8.3+dfsg-4squeeze7_amd64.deb |
Debian | 7 | all | krb5 | < 1.10.1+dfsg-5+deb7u1 | krb5_1.10.1+dfsg-5+deb7u1_all.deb |
Debian | 6 | ia64 | libgssapi-krb5-2 | < 1.8.3+dfsg-4squeeze7 | libgssapi-krb5-2_1.8.3+dfsg-4squeeze7_ia64.deb |
Debian | 6 | s390 | libkrb5-3 | < 1.8.3+dfsg-4squeeze7 | libkrb5-3_1.8.3+dfsg-4squeeze7_s390.deb |
Debian | 7 | s390x | libgssapi-krb5-2 | < 1.10.1+dfsg-5+deb7u1 | libgssapi-krb5-2_1.10.1+dfsg-5+deb7u1_s390x.deb |
Debian | 6 | amd64 | libkrb5-3 | < 1.8.3+dfsg-4squeeze7 | libkrb5-3_1.8.3+dfsg-4squeeze7_amd64.deb |
Debian | 7 | armel | libgssapi-krb5-2 | < 1.10.1+dfsg-5+deb7u1 | libgssapi-krb5-2_1.10.1+dfsg-5+deb7u1_armel.deb |
Debian | 7 | armel | krb5-user | < 1.10.1+dfsg-5+deb7u1 | krb5-user_1.10.1+dfsg-5+deb7u1_armel.deb |
Debian | 6 | mipsel | libkadm5srv-mit7 | < 1.8.3+dfsg-4squeeze7 | libkadm5srv-mit7_1.8.3+dfsg-4squeeze7_mipsel.deb |