VDB

GCVE-VVD-CERTCC-2000-602625

GCVE-VVD-CERTCC-2000-602625
Advisory Published
Vulnetix · Advisory published December 9, 2000
The environment variables krb4proxy and KRBCONFDIR may be respected by client programs such as login or su, in such a way that local or remote intruders can cause the client program to accept authentication requests from a malicious KDC. The vulnerabilites may be exploited remotely by passing these environment variables through a telnet connection.
Download JSON Open in Console

Risk Scores

certcc-cam
certcc-cam
impact20population10exploitation0widely_known15score_current14.7ease_of_exploitation10

Aliases

CVE-2001-0094

Transitive aliases

GHSA-xcx7-phx9-q93xVVD-CERTCC-2000-426273GSD-2001-0094EUVD-2001-0094VVD-CERTCC-2000-759265

References

KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely
url
KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely
url
KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›