Lucene search

[email protected]CVE-2001-0036

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2001-0036

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

kerberos

local user

security vulnerability

symlink attack

overwrite

cve-2001-0036

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file.

Affected configurations

NVD

Node

kthkth_kerberosMatch4

CPENameOperatorVersion
kth:kth_kerberoskth kth kerberoseq4

CPE	Name	Operator	Version
kth:kth_kerberos	kth kth kerberos	eq	4

References

archives.neohapsis.com/archives/bugtraq/2000-12/0093.html

archives.neohapsis.com/archives/bugtraq/2000-12/0105.html

www.redhat.com/support/errata/RHSA-2001-025.html

exchange.xforce.ibmcloud.com/vulnerabilities/5754

Social References

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0036

nvd1 cvelist1