Vulnerability Description
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ssh | Ssh | 1.2.27 |
References
- http://marc.info/?l=bugtraq&m=96256265914116&w=2
- http://www.securityfocus.com/bid/1426PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4903
- http://marc.info/?l=bugtraq&m=96256265914116&w=2
- http://www.securityfocus.com/bid/1426PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4903
FAQ
What is CVE-2000-0575?
CVE-2000-0575 is a vulnerability with a CVSS score of 7.2 (HIGH). SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff t...
How severe is CVE-2000-0575?
CVE-2000-0575 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0575?
Check the references section above for vendor advisories and patch information. Affected products include: Ssh Ssh.