It was discovered that the kpasswd service running on UDP port 464 could respond to response packets, creating a packet loop and a denial of service condition.

For the oldstable distribution (squeeze), this problem has been fixed in version 1.8.3+dfsg-4squeeze7. For the stable distribution (wheezy), this problem has been fixed in version 1.10.1+dfsg-5+deb7u1. For the testing distribution (jessie), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 1.10.1+dfsg-6. We recommend that you upgrade your krb5 packages.

Kerberos is a system for authenticating users and services on a network. Kerberos is a trusted third-party service.

krb5 on Debian Linux

This check tests the installed software version using the apt package manager.

• http://www.debian.org/security/2013/dsa-2701.html

---

Updated on 2015-03-25