CVE-2001-0034 – KTH Kerberos 4 - Arbitrary Proxy Usage
https://notcve.org/view.php?id=CVE-2001-0034
KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges. • https://www.exploit-db.com/exploits/20491 http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5733 •
CVE-1999-1099
https://notcve.org/view.php?id=CVE-1999-1099
Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user. • http://marc.info/?l=bugtraq&m=87602167420184&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/65 •