CVE-2000-0575

high

Description

SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/4903

http://www.securityfocus.com/bid/1426

http://marc.info/?l=bugtraq&m=96256265914116&w=2

Details

Source: Mitre, NVD

Published: 2000-07-05

Updated: 2017-10-10

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High