Kerberos Server Spoofed Packet Amplification DoS (PingPong)

high Nessus Plugin ID 10640

Synopsis

The remote service is vulnerable to a denial of service attack.

Description

The remote host is running a Kerberos server that seems to be vulnerable to a 'ping-pong' attack.

When contacted on the UDP port, this service always responds, even to malformed requests. This makes it possible to involve it in a 'ping-pong' attack, in which an attacker spoofs a packet between two machines running this service, causing them to spew characters at each other, slowing the machines down and saturating the network.

Solution

Upgrade to krb5-1.11.3 or later. Additionally, you can disable this service if it is not required.

See Also

https://seclists.org/oss-sec/2013/q2/316

http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637

Plugin Details

Severity: High

ID: 10640

File Name: krb_pingpong.nasl

Version: 1.25

Type: remote

Family: Misc.

Published: 3/25/2001

Updated: 7/28/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2002-2443

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2/8/1996

Reference Information

CVE: CVE-2002-2443