Vulnerabilities (CVE)

Filtered by vendor Openafs Subscribe
Total 36 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-10394 1 Openafs 1 Openafs 2025-08-07 N/A 7.8 HIGH
A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG.
CVE-2024-10396 1 Openafs 1 Openafs 2025-08-06 N/A 6.5 MEDIUM
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to crash and possibly expose uninitialized memory into other ACLs stored on the server.
CVE-2024-10397 1 Openafs 1 Openafs 2025-08-05 N/A 7.8 HIGH
A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.
CVE-2016-9772 1 Openafs 1 Openafs 2025-04-20 5.0 MEDIUM 5.3 MEDIUM
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.
CVE-2017-17432 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-20 7.8 HIGH 7.5 HIGH
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.
CVE-2015-3282 1 Openafs 1 Openafs 2025-04-12 4.3 MEDIUM N/A
vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network.
CVE-2015-6587 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-12 4.0 MEDIUM N/A
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.
CVE-2015-7762 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-12 5.0 MEDIUM N/A
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
CVE-2015-3285 1 Openafs 1 Openafs 2025-04-12 2.1 LOW N/A
The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.
CVE-2016-4536 1 Openafs 1 Openafs 2025-04-12 5.0 MEDIUM 5.3 MEDIUM
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.
CVE-2014-4044 1 Openafs 1 Openafs 2025-04-12 5.0 MEDIUM N/A
OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2015-3284 1 Openafs 1 Openafs 2025-04-12 2.1 LOW N/A
pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands.
CVE-2016-2860 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-12 4.0 MEDIUM 6.5 MEDIUM
The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creator ID.
CVE-2015-8312 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-12 7.2 HIGH 7.8 HIGH
Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.
CVE-2015-7763 1 Openafs 1 Openafs 2025-04-12 5.0 MEDIUM N/A
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
CVE-2015-3283 1 Openafs 1 Openafs 2025-04-12 6.8 MEDIUM N/A
OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors.
CVE-2014-0159 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-12 5.0 MEDIUM N/A
Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument.
CVE-2014-2852 1 Openafs 1 Openafs 2025-04-12 5.0 MEDIUM N/A
OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet.
CVE-2015-3286 1 Openafs 1 Openafs 2025-04-12 4.6 MEDIUM N/A
Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large group list when joining a PAG.
CVE-2013-4134 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-11 4.3 MEDIUM N/A
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.