summaryrefslogtreecommitdiffstats
path: root/src/plugins/locate/python/python.exports
diff options
context:
space:
mode:
authorTom Yu <tlyu@mit.edu>2013-05-03 16:26:46 -0400
committerTom Yu <tlyu@mit.edu>2013-05-13 12:46:34 -0400
commitcf1a0c411b2668c57c41e9c4efd15ba17b6b322c (patch)
tree847fb5242e6c9e0a6f16c10f45de70b2bd300b1c /src/plugins/locate/python/python.exports
parent0a97afba6986e2818cd26869704820e00efcae63 (diff)
downloadkrb5-cf1a0c411b2668c57c41e9c4efd15ba17b6b322c.tar.gz
krb5-cf1a0c411b2668c57c41e9c4efd15ba17b6b322c.tar.xz
krb5-cf1a0c411b2668c57c41e9c4efd15ba17b6b322c.zip
Fix kpasswd UDP ping-pong [CVE-2002-2443]
The kpasswd service provided by kadmind was vulnerable to a UDP "ping-pong" attack [CVE-2002-2443]. Don't respond to packets unless they pass some basic validation, and don't respond to our own error packets. Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong attack or UDP ping-pong attacks in general, but there is discussion leading toward narrowing the definition of CVE-1999-0103 to the echo, chargen, or other similar built-in inetd services. Thanks to Vincent Danen for alerting us to this issue. CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C ticket: 7637 (new) target_version: 1.11.3 tags: pullup
Diffstat (limited to 'src/plugins/locate/python/python.exports')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2026-01-12 13:35:57 +0000