KTH Kerberos IV Privilege Escalation via krb4_proxy Variable

KTH Kerberos IV Privilege Escalation via krb4_proxy Variable

CVE-2001-0034 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges.

Learn more about our User Device Pen Test.