CVE-2000-0575
Summary
| CVE | CVE-2000-0575 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2000-07-05 04:00:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS. |
Risk And Classification
Primary CVSS: v2.0 7.2 from [email protected]
AV:L/AC:L/Au:N/C:C/I:C/A:C
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:L/AC:L/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SSH 1.2.27 Kerberos Ticket Cache Exposure Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Patch, Vendor Advisory |
| 'Kerberos security vulnerability in SSH-1.2.27' - MARC | af854a3a-2127-422b-91ae-364da2661108 | marc.info | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.