Lucene search

K

36 matches found

CVE
CVE
added 2003/03/25 5:0 a.m.89 views

CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a differ...

7.5CVSS9.8AI score0.56051EPSS
CVE
CVE
added 2009/04/09 12:30 a.m.71 views

CVE-2009-1250

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, re...

7.8CVSS6.2AI score0.05847EPSS
CVE
CVE
added 2019/10/29 7:15 p.m.71 views

CVE-2019-18602

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.

7.5CVSS7.1AI score0.00413EPSS
CVE
CVE
added 2011/02/19 1:0 a.m.65 views

CVE-2011-0431

The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third pa...

5CVSS6.2AI score0.00656EPSS
CVE
CVE
added 2016/05/13 4:59 p.m.64 views

CVE-2016-2860

The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creator ID.

6.5CVSS6.2AI score0.00148EPSS
CVE
CVE
added 2019/10/29 7:15 p.m.63 views

CVE-2019-18603

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer.

5.9CVSS6.2AI score0.00413EPSS
CVE
CVE
added 2015/11/06 9:59 p.m.62 views

CVE-2015-7762

rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.

5CVSS6AI score0.00472EPSS
CVE
CVE
added 2017/12/06 12:29 a.m.62 views

CVE-2017-17432

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.

7.8CVSS7.3AI score0.01235EPSS
CVE
CVE
added 2016/05/13 4:59 p.m.59 views

CVE-2015-8312

Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.

7.8CVSS7.1AI score0.0004EPSS
CVE
CVE
added 2018/09/12 1:29 a.m.59 views

CVE-2018-16947

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming RPCs but does not require (or allow for) authentication of those RPCs. Handling those RPCs results in operations being performed with administrator credentials, includ...

9.8CVSS9.5AI score0.01565EPSS
CVE
CVE
added 2018/09/12 1:29 a.m.58 views

CVE-2018-16948

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSCB ...

7.5CVSS8.1AI score0.00376EPSS
CVE
CVE
added 2013/03/14 3:13 a.m.56 views

CVE-2013-1795

Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.

5CVSS6.7AI score0.02115EPSS
CVE
CVE
added 2007/03/20 10:19 a.m.55 views

CVE-2007-1507

The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the c...

7.5CVSS6.2AI score0.01327EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.54 views

CVE-2015-3284

pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands.

2.1CVSS5.8AI score0.00062EPSS
CVE
CVE
added 2019/10/29 7:15 p.m.54 views

CVE-2019-18601

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTE_Debug RPC calls to crash a database server within the SVOTE_Debug RPC handler.

7.5CVSS7.3AI score0.01102EPSS
CVE
CVE
added 2013/03/14 3:13 a.m.53 views

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.

6.5CVSS7.5AI score0.02802EPSS
CVE
CVE
added 2018/09/12 1:29 a.m.53 views

CVE-2018-16949

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values a...

7.5CVSS8.4AI score0.06408EPSS
CVE
CVE
added 2016/05/13 4:59 p.m.52 views

CVE-2016-4536

The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.

5.3CVSS5.5AI score0.00296EPSS
CVE
CVE
added 2009/04/09 12:30 a.m.51 views

CVE-2009-1251

Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a re...

10CVSS8.3AI score0.12626EPSS
CVE
CVE
added 2015/11/06 9:59 p.m.51 views

CVE-2015-7763

rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.

5CVSS6AI score0.00472EPSS
CVE
CVE
added 2008/01/04 2:46 a.m.50 views

CVE-2007-6599

Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operat...

4.3CVSS6.3AI score0.01346EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.50 views

CVE-2015-3282

vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network.

4.3CVSS6.3AI score0.00472EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.50 views

CVE-2015-3283

OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors.

6.8CVSS6.7AI score0.00768EPSS
CVE
CVE
added 2024/11/14 8:15 p.m.50 views

CVE-2024-10396

An authenticated user can provide a malformed ACL to the fileserver's StoreACLRPC, causing the fileserver to crash, possibly expose uninitialized memory, andpossibly store garbage data in the audit log.Malformed ACLs provided in responses to client FetchACL RPCs can cause clientprocesses to crash a...

7.1CVSS6.8AI score0.00313EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.49 views

CVE-2015-3285

The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.

2.1CVSS6.1AI score0.00081EPSS
CVE
CVE
added 2017/02/06 5:59 p.m.49 views

CVE-2016-9772

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.

5.3CVSS5.2AI score0.00264EPSS
CVE
CVE
added 2024/11/14 8:15 p.m.49 views

CVE-2024-10394

A local user can bypass the OpenAFS PAG (Process Authentication Group)throttling mechanism in Unix clients, allowing the user to create a PAG usingan existing id number, effectively joining the PAG and letting the user stealthe credentials in that PAG.

8.4CVSS6.4AI score0.00032EPSS
CVE
CVE
added 2014/04/14 3:9 p.m.48 views

CVE-2014-0159

Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument.

5CVSS6.5AI score0.01389EPSS
CVE
CVE
added 2011/02/19 1:0 a.m.47 views

CVE-2011-0430

Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors.

7.5CVSS7.7AI score0.02293EPSS
CVE
CVE
added 2013/11/05 9:55 p.m.47 views

CVE-2013-4134

OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.

4.3CVSS6.4AI score0.00152EPSS
CVE
CVE
added 2015/09/02 10:59 a.m.47 views

CVE-2015-6587

The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

4CVSS6AI score0.00625EPSS
CVE
CVE
added 2024/11/14 8:15 p.m.47 views

CVE-2024-10397

A malicious server can crash the OpenAFS cache manager and other clientutilities, and possibly execute arbitrary code.

7.8CVSS7.6AI score0.00191EPSS
CVE
CVE
added 2014/04/14 3:9 p.m.46 views

CVE-2014-2852

OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet.

5CVSS6.5AI score0.00474EPSS
CVE
CVE
added 2013/11/05 9:55 p.m.43 views

CVE-2013-4135

The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

4.3CVSS6.1AI score0.00283EPSS
CVE
CVE
added 2014/06/17 2:55 p.m.40 views

CVE-2014-4044

OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

5CVSS6.6AI score0.00603EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.33 views

CVE-2015-3286

Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large group list when joining a PAG.

4.6CVSS7.1AI score0.00069EPSS