4 matches found
OpenAFS Multiple Vulnerabilities - Windows
OpenAFS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openafs:openafs"; ifdescription...
Debian DLA-493-1 : openafs security update
CVE-2015-8312: Off-by-one error in afspioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service memory overwrite and system crash via a pioctl with an input buffer size of 4096 bytes. - CVE-2016-2860: The newEntry function in ptserver/ptprocs.c in OpenAFS before...
Information disclosure
The client in OpenAFS before 1.6.17 does not properly initialize the 1 AFSStoreStatus, 2 AFSStoreVolumeStatus, 3 VldbListByAttributes, and 4 ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic...
CVE-2016-4536
OpenAFS prior to 1.6.17 is affected by CVE-2016-4536 due to improper initialization of four internal structures (AFSStoreStatus, AFSStoreVolumeStatus, VldbListByAttributes, ListAddrByAttributes). This could allow remote attackers with RPC access to leak memory information. Debian notes patches in...