639 matches found
UBUNTU-CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service system crash or application crash via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value...
DEBIAN-CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service system crash or application crash via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value...
CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service system crash or application crash via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value...
CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service system crash or application crash via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value...
CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service system crash or application crash via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value...
OpenAFS Denial of Service Vulnerability (CNVD-2018-00203)
OpenAFS is a distributed file system that allows sharing of archives and resources between systems over LANs and WANs. A security vulnerability exists in version 1.x of OpenAFS prior to 1.6.22, which stems from the program failing to properly validate Rx ack packets. A remote attacker could explo...
CVE-2017-17432
OpenAFS 1.x prior to 1.6.22 is vulnerable: it does not properly validate Rx ack packets, leading to denial of service via crafted fields (integer underflow and assertion failure at small MTU). The issue is fixed in OpenAFS 1.6.22 (and via vendor advisories for Debian/Mageia/OpenAFS consumers). Af...
CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service system crash or application crash via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value...
CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
Information disclosure
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
UBUNTU-CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
CVE-2016-9772
CVE-2016-9772 affects OpenAFS 1.6.19 and earlier, allowing remote attackers to obtain sensitive directory information via vectors including the client cache partition, the fileserver vice partition, or certain RPC responses. The linked documents corroborate the impact and note downstream package ...
CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
MGASA-2017-0037 Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
OpenAFS Directory Information Disclosure Vulnerability
OpenAFS is a distributed file system from IBM in the United States that allows sharing of files and resources between systems over LANs and WANs. An information disclosure vulnerability exists in OpenAFS client versions prior to 1.6.19. An attacker can exploit this vulnerability to obtain sensiti...
Debian DLA-733-1 : openafs security update
It was discovered that there was an information leak vulnerability in openafs, a distributed filesystem. Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain 'dead' directory entry information. For Debian 7 'Wheezy', this issue has been...