CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16949
https://notcve.org/view.php?id=CVE-2018-16949
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values and consume server resources waiting for those inputs, denying service to other valid connections. Se ha descubierto un problema en OpenAFS, en versiones anteriores a la 1.6.23 y versiones 1.8.x anteriores a la 1.8.2. Se implementaron varios tipos de datos empleados como variables de entrada RPC como tipos de array sin limitar, limitados solo por el campo length de 32 bits a 4 GB. • http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt http://www.securityfocus.com/bid/106375 https://lists.debian.org/debian-lts-announce/2018/09/msg00024.html https://www.debian.org/security/2018/dsa-4302 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-17432
https://notcve.org/view.php?id=CVE-2017-17432
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value. OpenAFS en versiones 1.x anteriores a la 1.6.22 no valida paquetes Rx ack correctamente, lo que permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado del sistema o de la aplicación) mediante campos manipulados, tal y como demuestra un subdesbordamiento de enteros y fallo de aserción para un valor MTU pequeño. • https://bugs.debian.org/883602 https://lists.debian.org/debian-lts-announce/2017/12/msg00016.html https://www.debian.org/security/2017/dsa-4067 https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt • CWE-617: Reachable Assertion •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9772
https://notcve.org/view.php?id=CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses. OpenAFS 1.6.19 y versiones anteriores permiten a atacantes remotos obtener información de directorio sensible a través de vectores que implican (1) la partición de caché de cliente, (2) partición del servidor de archivos vice o (3) ciertas respuestas de RPC. • http://www.openwall.com/lists/oss-security/2016/12/02/9 http://www.securityfocus.com/bid/94651 https://www.openafs.org/pages/security/OPENAFS-SA-2016-003.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4536
https://notcve.org/view.php?id=CVE-2016-4536
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic. El cliente en OpenAFS en versiones anteriores a 1.6.17 no inicializa adecuadamente las estructuras (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes y (4) ListAddrByAttributes, lo que podría permitir a atacantes remotos obtener información de memoria sensible aprovechando el acceso al tráfico de llamadas RPC. • https://lists.openafs.org/pipermail/openafs-announce/2016/000496.html https://www.openafs.org/dl/openafs/1.6.17/RELNOTES-1.6.17 https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8312
https://notcve.org/view.php?id=CVE-2015-8312
Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes. Error por un paso en afs_pioctl.c en OpenAFS en versiones anteriores a 1.6.16 podría permitir a usuarios locales provocar una denegación de servicio (sobrescritura de memoria y caída de sistema) a través de un pioctl con un tamaño de buffer de entrada de 4096 bytes. • http://git.openafs.org/?p=openafs.git%3Ba=commitdiff%3Bh=2ef863720da4d9f368aaca0461c672a3008195ca http://www.debian.org/security/2016/dsa-3569 https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16 • CWE-189: Numeric Errors •