ID |
CVE-2000-0575
|
Summary |
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.2 (as of 10-10-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bid | 1426 | bugtraq | 20000630 Kerberos security vulnerability in SSH-1.2.27 | xf | ssh-kerberos-tickets-disclosure(4903) |
|
Last major update |
10-10-2017 - 01:29 |
Published |
05-07-2000 - 04:00 |
Last modified |
10-10-2017 - 01:29 |