CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2015-7762 – Debian Security Advisory 3387-1
https://notcve.org/view.php?id=CVE-2015-7762
02 Nov 2015 — rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network. rx/rx.c en OpenAFS en versiones anteriores a 1.6.15 y 1.7.x en versiones anteriores a 1.7.33 no inicializa adecuadamente el relleno de una estructura de datos cuando construye un paquete de reconocimiento (ACK) Rx, ... • http://www.debian.org/security/2015/dsa-3387 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 81EXPL: 0CVE-2013-4134 – Mandriva Linux Security Advisory 2014-244
https://notcve.org/view.php?id=CVE-2013-4134
29 Jul 2013 — OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key. OpenAFS anterior a 1.4.15, 1.6.x anterior a 1.6.5 y 1.7.x anterior a 1.7.26 utiliza cifrado débil (DES) para las claves de Kerberos, lo que hace que sea más fácil para los atacantes remotos para obtener la clave de servicio. Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to... • http://www.debian.org/security/2013/dsa-2729 • CWE-310: Cryptographic Issues •