Description
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.
References (2)
Core 2
Core References
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-025.html
Scores
EPSS
0.0011
EPSS Percentile
29.3%
Details
Status
published
Products (2)
mit/kerberos
4
mit/kerberos_5
1.5.2
Published
Jun 27, 2001
Tracked Since
Feb 18, 2026