10 matches found
CVE-2016-2860
The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creator ID...
CVE-2016-2860
The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creator ID...
CVE-2016-2860
CVE-2016-2860—OpenAFS : The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass access restrictions and create arbitrary groups as administrators by mishandling the creator ID. Impact is unauthorized group creat...
IBM OpenAFS ptserver elevation of privilege vulnerability
IBM OpenAFS is a distributed file system from IBM in the United States that allows sharing of files and resources between systems over LANs and WANs. A security vulnerability exists in IBM OpenAFS versions prior to 1.6.17 in ptserver. An attacker could exploit the vulnerability to create arbitrar...
CVE-2013-1795
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service crash via a large list from the IdToName RPC, which triggers a heap-based buffer overflow...
DEBIAN-CVE-2013-1795
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service crash via a large list from the IdToName RPC, which triggers a heap-based buffer overflow...
Integer overflow
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service crash via a large list from the IdToName RPC, which triggers a heap-based buffer overflow...
CVE-2013-1795
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service crash via a large list from the IdToName RPC, which triggers a heap-based buffer overflow...
CVE-2013-1795
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service crash via a large list from the IdToName RPC, which triggers a heap-based buffer overflow...
Scientific Linux Security Update : openafs on SL5.x SL6.x i386/x86_64 (20130304)
By carefully crafting an ACL entry an attacker may overflow fixed length buffers within the OpenAFS fileserver, crashing the fileserver, and potentially permitting the execution of arbitrary code. To perform the exploit, the attacker must already have permissions to create ACLs on the fileserver ...