Lucene search

[email protected]CVE-2001-0033

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2001-0033

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

kth kerberos iv

local exploit

elevated privilege

krbconfdir

nvd

cve-2001-0033

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.

Affected configurations

NVD

Node

kthkth_kerberosMatch4

Node

netbsdnetbsdMatch1.5

CPENameOperatorVersion
kth:kth_kerberoskth kth kerberoseq4

CPE	Name	Operator	Version
kth:kth_kerberos	kth kth kerberos	eq	4

References

archives.neohapsis.com/archives/bugtraq/2000-12/0093.html

archives.neohapsis.com/archives/bugtraq/2000-12/0105.html

exchange.xforce.ibmcloud.com/vulnerabilities/5738

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0033

cvelist1 nvd1