Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openafs vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-4135
The vos command in OpenAFS 1.6.x prior to 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote malicious users to obtain sensitive information by sniffing the network.
Openafs Openafs 1.6.2.1
Openafs Openafs 1.6.3
Openafs Openafs 1.6.4
Openafs Openafs 1.6.1
Openafs Openafs 1.6.0
Openafs Openafs 1.6.2
Debian Debian Linux 7.0
7.5
CVSSv2
CVE-2011-0430
Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote malicious users to cause a denial of service and execute arbitrary code via unknown vectors.
Openafs Openafs 1.4.14
Openafs Openafs 1.4.12
Openafs Openafs 1.4.7
5
CVSSv2
CVE-2011-0431
The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows malicious users to cause a denial of service via unknown vectors. NOTE: some of these details a...
Openafs Openafs 1.4.14
Openafs Openafs 1.4.12
Openafs Openafs 1.4.7
5
CVSSv2
CVE-2016-9772
OpenAFS 1.6.19 and previous versions allows remote malicious users to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.
Openafs Openafs
6.8
CVSSv2
CVE-2015-3283
OpenAFS prior to 1.6.13 allows remote malicious users to spoof bos commands via unspecified vectors.
Openafs Openafs
2.1
CVSSv2
CVE-2015-3285
The pioctl for the OSD FS command in OpenAFS prior to 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.
Openafs Openafs
4.6
CVSSv2
CVE-2015-3286
Buffer overflow in the Solaris kernel extension in OpenAFS prior to 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large group list when joining a PAG.
Openafs Openafs
5
CVSSv2
CVE-2016-4536
The client in OpenAFS prior to 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote malicious users to obtain sensitive memory information by leveraging ac...
Openafs Openafs
4.3
CVSSv2
CVE-2015-3282
vos in OpenAFS prior to 1.6.13, when updating VLDB entries, allows remote malicious users to obtain stack data by sniffing the network.
Openafs Openafs
2.1
CVSSv2
CVE-2015-3284
pioctls in OpenAFS 1.6.x prior to 1.6.13 allows local users to read kernel memory via crafted commands.
Openafs Openafs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »