Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0575

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-0575
Last Modified 10 Sep 2008 03:05:03
Published 05 Jul 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0575

Summary

SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.

Vulnerable Systems

Application

  • Ssh 1.2.27


References

XF - ssh-kerberos-tickets-disclosure(4903)

BID - 1426

BUGTRAQ - 20000630 Kerberos security vulnerability in SSH-1.2.27


Last Updated: 27 May 2016 10:35:46