{"api_version":"1","generated_at":"2026-06-13T04:20:30+00:00","cve":"CVE-2000-0575","urls":{"html":"https://cve.report/CVE-2000-0575","api":"https://cve.report/api/cve/CVE-2000-0575.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2000-0575","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2000-0575"},"summary":{"title":"CVE-2000-0575","description":"SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.","state":"PUBLISHED","assigner":"mitre","published_at":"2000-07-05 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.2","severity":"","vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securityfocus.com/bid/1426","name":"http://www.securityfocus.com/bid/1426","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"SSH 1.2.27 Kerberos Ticket Cache Exposure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://marc.info/?l=bugtraq&m=96256265914116&w=2","name":"http://marc.info/?l=bugtraq&m=96256265914116&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'Kerberos security vulnerability in SSH-1.2.27' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4903","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4903","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2000-0575","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2000-0575","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2000","cve_id":"575","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ssh","cpe5":"ssh","cpe6":"1.2.27","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T05:21:31.314Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1426","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/1426"},{"name":"ssh-kerberos-tickets-disclosure(4903)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4903"},{"name":"20000630 Kerberos security vulnerability in SSH-1.2.27","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=96256265914116&w=2"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2000-06-30T00:00:00.000Z","descriptions":[{"lang":"en","value":"SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2002-02-26T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1426","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/1426"},{"name":"ssh-kerberos-tickets-disclosure(4903)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4903"},{"name":"20000630 Kerberos security vulnerability in SSH-1.2.27","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=96256265914116&w=2"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2000-0575","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1426","refsource":"BID","url":"http://www.securityfocus.com/bid/1426"},{"name":"ssh-kerberos-tickets-disclosure(4903)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4903"},{"name":"20000630 Kerberos security vulnerability in SSH-1.2.27","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=96256265914116&w=2"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2000-0575","datePublished":"2002-03-09T05:00:00.000Z","dateReserved":"2000-07-19T00:00:00.000Z","dateUpdated":"2024-08-08T05:21:31.314Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2000-07-05 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*","matchCriteriaId":"338EDA76-05D6-48C0-952E-6244A5F206F3"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2000","CveId":"575","Ordinal":"1","Title":"CVE-2000-0575","CVE":"CVE-2000-0575","Year":"2000"},"notes":[{"CveYear":"2000","CveId":"575","Ordinal":"1","NoteData":"SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.","Type":"Description","Title":"CVE-2000-0575"},{"CveYear":"2000","CveId":"575","Ordinal":"2","NoteData":"2002-03-09","Type":"Other","Title":"Published"},{"CveYear":"2000","CveId":"575","Ordinal":"3","NoteData":"2002-02-26","Type":"Other","Title":"Modified"}]}}}