CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16947
https://notcve.org/view.php?id=CVE-2018-16947
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming RPCs but does not require (or allow for) authentication of those RPCs. Handling those RPCs results in operations being performed with administrator credentials, including dumping/restoring volume contents and manipulating the backup database. For example, an unauthenticated attacker can replace any volume's content with arbitrary data. Se ha descubierto un problema en OpenAFS, en versiones anteriores a la 1.6.23 y versiones 1.8.x anteriores a la 1.8.2. • http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt https://lists.debian.org/debian-lts-announce/2018/09/msg00024.html https://www.debian.org/security/2018/dsa-4302 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-17432
https://notcve.org/view.php?id=CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value. OpenAFS en versiones 1.x anteriores a la 1.6.22 no valida paquetes Rx ack correctamente, lo que permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado del sistema o de la aplicación) mediante campos manipulados, tal y como demuestra un subdesbordamiento de enteros y fallo de aserción para un valor MTU pequeño. • https://bugs.debian.org/883602 https://lists.debian.org/debian-lts-announce/2017/12/msg00016.html https://www.debian.org/security/2017/dsa-4067 https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt • CWE-617: Reachable Assertion •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9772
https://notcve.org/view.php?id=CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses. OpenAFS 1.6.19 y versiones anteriores permiten a atacantes remotos obtener información de directorio sensible a través de vectores que implican (1) la partición de caché de cliente, (2) partición del servidor de archivos vice o (3) ciertas respuestas de RPC. • http://www.openwall.com/lists/oss-security/2016/12/02/9 http://www.securityfocus.com/bid/94651 https://www.openafs.org/pages/security/OPENAFS-SA-2016-003.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4536
https://notcve.org/view.php?id=CVE-2016-4536
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic. El cliente en OpenAFS en versiones anteriores a 1.6.17 no inicializa adecuadamente las estructuras (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes y (4) ListAddrByAttributes, lo que podría permitir a atacantes remotos obtener información de memoria sensible aprovechando el acceso al tráfico de llamadas RPC. • https://lists.openafs.org/pipermail/openafs-announce/2016/000496.html https://www.openafs.org/dl/openafs/1.6.17/RELNOTES-1.6.17 https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8312
https://notcve.org/view.php?id=CVE-2015-8312
Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes. Error por un paso en afs_pioctl.c en OpenAFS en versiones anteriores a 1.6.16 podría permitir a usuarios locales provocar una denegación de servicio (sobrescritura de memoria y caída de sistema) a través de un pioctl con un tamaño de buffer de entrada de 4096 bytes. • http://git.openafs.org/?p=openafs.git%3Ba=commitdiff%3Bh=2ef863720da4d9f368aaca0461c672a3008195ca http://www.debian.org/security/2016/dsa-3569 https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16 • CWE-189: Numeric Errors •