This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
An advisory published by the MIT Kerberos team says :
The MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to
denial of service attacks from unauthenticated remote attackers.
CVE-2011-0281 and CVE-2011-0282 occur only in KDCs using LDAP back
ends, but CVE-2011-0283 occurs in all krb5-1.9 KDCs.
Exploit code is not known to exist, but the vulnerabilities are easy
to trigger manually. The trigger for CVE-2011-0281 has already been
disclosed publicly, but that fact might not be obvious to casual
readers of the message in which it was disclosed. The triggers for
CVE-2011-0282 and CVE-2011-0283 have not yet been disclosed publicly,
but they are also trivial.
CVE-2011-0281: An unauthenticated remote attacker can cause a KDC
configured with an LDAP back end to become completely unresponsive
CVE-2011-0282: An unauthenticated remote attacker can cause a KDC
configured with an LDAP back end to crash with a NULL pointer
CVE-2011-0283: An unauthenticated remote attacker can cause a krb5-1.9
KDC with any back end to crash with a NULL pointer dereference.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0