Openafs@* Security Vulnerabilities and Issues — Openafs@* CVE List

Lucene search

OpenafsOpenafs*

5 matches found

CVE•added 2008/01/04 2:46 a.m.•50 views

CVE-2007-6599

Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operat...

4.3CVSS6.3AI score0.01346EPSS

CVE•added 2015/08/12 2:59 p.m.•50 views

CVE-2015-3282

vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network.

4.3CVSS6.3AI score0.00472EPSS

CVE•added 2013/11/05 9:55 p.m.•47 views

CVE-2013-4134

OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.

4.3CVSS6.4AI score0.00152EPSS

CVE•added 2015/09/02 10:59 a.m.•47 views

CVE-2015-6587

The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

4CVSS6AI score0.00625EPSS

CVE•added 2015/08/12 2:59 p.m.•33 views

CVE-2015-3286

Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large group list when joining a PAG.

4.6CVSS7.1AI score0.00069EPSS