CVE-2001-1444

The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kth:kth_kerberos:4:*:*:*:*:*:*:*
cpe:2.3:a:kth:kth_kerberos:5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2001-08-27 04:00

Updated : 2024-02-04 16:31


NVD link : CVE-2001-1444

Mitre link : CVE-2001-1444

CVE.ORG link : CVE-2001-1444


JSON object : View

Products Affected

kth

  • kth_kerberos