Microsoft Information for VU#602625
KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely
- Vendor Information Help Date Notified: 11 Dec 2000
- Statement Date:
- Date Updated: 14 Dec 2000
Status
Not Affected
Vendor Statement
Windows 2000 does not support Kerb IV. W2K does not provide a kerberized telnetd, nor a Krb4 proxy server - therefore we're not vulnerable to VU#602625.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.