This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
It was found that kadmind's kpasswd service did not perform any
validation on incoming network packets, causing it to reply to all
requests. A remote attacker could use this flaw to send spoofed
packets to a kpasswd service that appear to come from kadmind on a
different server, causing the services to keep replying packets to
each other, consuming network bandwidth and CPU. (CVE-2002-2443)
See also :
Run 'yum update krb5' to update your system.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69766 ()
CVE ID: CVE-2002-2443