Unrated severityNVD Advisory· Published May 29, 2013· Updated Jun 16, 2026
CVE-2002-2443
CVE-2002-2443
Description
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*range: <1.11.3
- (no CPE)range: <1.11.3
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
12- github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322cnvdPatchThird Party Advisory
- krbdev.mit.edu/rt/Ticket/Display.htmlnvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-07/msg00004.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-07/msg00007.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-0942.htmlnvdThird Party Advisory
- www.debian.org/security/2013/dsa-2701nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.ubuntu.com/usn/USN-2810-1nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.