CVEブラウザに戻る

CVE-2001-0034

HIGH

7.2

CVSS Severity Score

EPSS Score0.0760%

EPSS Percentile9.20th

Published2001年2月16日

Last Modified2026年4月16日

Vulnerability Description

KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges.

Affected Platforms (CPE)

📦

Kth

Kth Kerberos

<= 4.1.0.3

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html

🔗 http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5733

🔗 http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html

🔗 http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5733

関連する脆弱性情報

CVE-2002-123510.0

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1....

CVE-2002-06007.5

Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via...

CVE-2001-14447.5

The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encr...

CVE-2001-00357.2

Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV allows remote attackers to cause a denial of service and possi...