Unrated severityNVD Advisory· Published Aug 27, 2001· Updated Jun 16, 2026
CVE-2001-1444
CVE-2001-1444
Description
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:kth:kth_kerberos:4:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:kth:kth_kerberos:4:*:*:*:*:*:*:*
- cpe:2.3:a:kth:kth_kerberos:5:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3- josefsson.org/ktelnet/kerberos-telnet.htmlnvdExploit
- www.kb.cert.org/vuls/id/774587nvdThird Party AdvisoryUS Government Resource
- exchange.xforce.ibmcloud.com/vulnerabilities/10640nvd
News mentions
0No linked articles in our index yet.