CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2016/12/03 12:0 a.m.•18 views

DLA-733-1 openafs - security update

Bulletin has no description...

5.3CVSS5.4AI score0.01685EPSS

OpenVAS•added 2016/06/09 12:0 a.m.•25 views

OpenAFS Denial of Service Vulnerability - 02 - Windows

OpenAFS is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openafs:openafs";...

5CVSS6.4AI score0.01595EPSS

Exploits0References2

OpenVAS•added 2016/06/08 12:0 a.m.•25 views

OpenAFS Denial of Service Vulnerability - 01 - Windows

2.1CVSS6.2AI score0.00351EPSS

OpenVAS•added 2016/06/08 12:0 a.m.•17 views

OpenAFS Kernel Memory Leak Vulnerability - Windows

OpenAFS is prone to kernel memory leak vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openafs:openafs";...

2.1CVSS6.2AI score0.00383EPSS

OpenVAS•added 2016/06/08 12:0 a.m.•16 views

OpenAFS Detection (Windows SMB Login)

Detects the installed version of OpenAFS. The script logs in via smb, searches for SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

7.3AI score

OpenVAS•added 2016/06/08 12:0 a.m.•29 views

OpenAFS Multiple Vulnerabilities - Windows

OpenAFS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openafs:openafs"; ifdescription...

6.5CVSS6AI score0.01501EPSS

Exploits0References2

OpenVAS•added 2016/06/08 12:0 a.m.•19 views

OpenAFS Multiple Vulnerabilities - 01 - Windows

6.8CVSS6.4AI score0.02081EPSS

OpenVAS•added 2016/06/08 12:0 a.m.•28 views

OpenAFS Denial of Service Vulnerability - Windows

7.8CVSS6.1AI score0.00361EPSS

Exploits0References2

OpenVAS•added 2016/06/08 12:0 a.m.•20 views

OpenAFS Multiple Information Disclosure Vulnerabilities - Windows

OpenAFS is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE=...

5CVSS6.1AI score0.02133EPSS

Tenable Nessus•added 2016/06/06 12:0 a.m.•27 views

FreeBSD : openafs -- local DoS vulnerability (2e8fe57e-2b46-11e6-ae88-002590263bf5)

The OpenAFS development team reports : Avoid a potential denial of service issue, by fixing a bug in pioctl logic that allowed a local user to overrun a kernel buffer with a single NUL byte. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

7.8CVSS7.4AI score0.00361EPSS

Tenable Nessus•added 2016/06/06 12:0 a.m.•25 views

FreeBSD : openafs -- multiple vulnerabilities (bcbd3fe0-2b46-11e6-ae88-002590263bf5)

The OpenAFS development team reports : Foreign users can bypass access controls to create groups as system:administrators, including in the user namespace and the system: namespace. The contents of uninitialized memory are sent on the wire when clients perform certain RPCs. Depending on the RPC,...

6.5CVSS6.2AI score0.01501EPSS

Exploits0References6

Tenable Nessus•added 2016/05/31 12:0 a.m.•28 views

Debian DLA-493-1 : openafs security update

CVE-2015-8312: Off-by-one error in afspioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service memory overwrite and system crash via a pioctl with an input buffer size of 4096 bytes. - CVE-2016-2860: The newEntry function in ptserver/ptprocs.c in OpenAFS before...

7.8CVSS6.8AI score0.01501EPSS

Exploits0References5

Debian•added 2016/05/29 5:14 p.m.•21 views

[SECURITY] [DLA 493-1] openafs security update

Package : openafs Version : 1.6.1-3+deb7u6 CVE ID : CVE-2015-8312 CVE-2016-2860 CVE-2016-4536 CVE-2015-8312: Off-by-one error in afspioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service memory overwrite and system crash via a pioctl with an input buffer size of 40...

7.8CVSS7AI score0.01501EPSS

OSV•added 2016/05/29 12:0 a.m.•23 views

DLA-493-1 openafs - security update

Bulletin has no description...

7.8CVSS6AI score0.01501EPSS

CNVD•added 2016/05/19 12:0 a.m.•5 views

OpenAFS Denial of Service Vulnerability (CNVD-2016-03365)

OpenAFS is an open source distributed file system that allows sharing of files and resources between systems over local and wide area networks. A denial of service vulnerability exists in OpenAFS versions prior to 1.6.16, which can be exploited by a local attacker to cause a denial of service...

7.8CVSS6.4AI score0.00361EPSS

OSV•added 2016/05/13 4:59 p.m.•1 views

DEBIAN-CVE-2016-4536

The client in OpenAFS before 1.6.17 does not properly initialize the 1 AFSStoreStatus, 2 AFSStoreVolumeStatus, 3 VldbListByAttributes, and 4 ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic...

5.3CVSS6.7AI score0.01306EPSS

OSV•added 2016/05/13 4:59 p.m.•5 views

CVE-2016-4536

5.3CVSS6.4AI score

NVD•added 2016/05/13 4:59 p.m.•16 views

CVE-2016-4536

5.3CVSS5.5AI score0.01306EPSS

OSV•added 2016/05/13 4:59 p.m.•3 views

DEBIAN-CVE-2016-2860

The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creator ID...

6.5CVSS6.9AI score0.01501EPSS