CVE-2000-0514 — Kerberos 5 vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

0.9%

top 23.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Kerberos 5

Timeline

PublishedJun 14

Latest updateApr 30

Description

GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDmit/kerberos_51.1, 1.1.1+1

Patches

Patch: web.mit.edu ↗Patch: web.mit.edu ↗

🔴Vulnerability Details

GHSA

GHSA-78jm-gvg2-2jfx: GSSFTP FTP daemon in Kerberos 5 1↗2022-04-30

▶

CVEList

CVE-2000-0514: GSSFTP FTP daemon in Kerberos 5 1↗2000-10-13

▶