6 matches found
CVE-2024-10394
A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...
Mageia: Security Advisory (MGASA-2025-0013)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-10394
A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...
CVE-2024-10394
A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...
CVE-2024-10394
CVE-2024-10394 describes a local vulnerability in OpenAFS where an attacker can bypass the PAG throttling on Unix clients, allowing the creation of a PAG with an existing id and potentially stealing credentials in that PAG. Multiple connected advisories confirm the issue affects OpenAFS and outli...
CVE-2024-10394 Theft of credentials in Unix client PAGs
A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...