SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/1426 | Patch Vendor Advisory |
http://marc.info/?l=bugtraq&m=96256265914116&w=2 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/4903 |
Configurations
Information
Published : 2000-07-04 21:00
Updated : 2017-10-09 18:29
NVD link : CVE-2000-0575
Mitre link : CVE-2000-0575
JSON object : View
CWE
Products Affected
ssh
- ssh