Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
afs vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2015-3285
The pioctl for the OSD FS command in OpenAFS prior to 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.
Openafs Openafs
578
VMScore
CVE-2013-1794
Buffer overflow in certain client utilities in OpenAFS prior to 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.
Openafs Openafs 1.5.74
Openafs Openafs 1.5.73
Openafs Openafs 1.5.76
Openafs Openafs 1.5.75
Openafs Openafs 1.5.68
Openafs Openafs 1.5.67
Openafs Openafs 1.5.66
Openafs Openafs 1.5.65
Openafs Openafs 1.5.57
Openafs Openafs 1.5.56
Openafs Openafs 1.5.39
Openafs Openafs 1.5.38
Openafs Openafs 1.5.31
Openafs Openafs 1.5.30
Openafs Openafs 1.5.22
Openafs Openafs 1.5.21
Openafs Openafs 1.5.14
Openafs Openafs 1.5.13
Openafs Openafs
Openafs Openafs 1.6.0
Openafs Openafs 1.5.72
Openafs Openafs 1.5.71
445
VMScore
CVE-2013-1795
Integer overflow in ptserver in OpenAFS prior to 1.6.2 allows remote malicious users to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.
Openafs Openafs 1.5.76
Openafs Openafs 1.5.75
Openafs Openafs 1.5.68
Openafs Openafs 1.5.67
Openafs Openafs 1.5.59
Openafs Openafs 1.5.78
Openafs Openafs 1.5.77
Openafs Openafs 1.5.70
Openafs Openafs 1.5.69
Openafs Openafs 1.5.61
Openafs Openafs 1.5.60
Openafs Openafs 1.5.53
Openafs Openafs 1.5.52
Openafs Openafs
Openafs Openafs 1.6.0
Openafs Openafs 1.5.72
Openafs Openafs 1.5.71
Openafs Openafs 1.5.64
Openafs Openafs 1.5.63
Openafs Openafs 1.5.62
Openafs Openafs 1.5.55
Openafs Openafs 1.5.54
NA
CVE-2024-26848
In the Linux kernel, the following vulnerability has been resolved: afs: Fix endless loop in directory parsing If a directory has a block with only ".__afsXXXX" files in it (from uncompleted silly-rename), these .__afsXXXX files are skipped but without advancing the fil...
383
VMScore
CVE-2013-4134
OpenAFS prior to 1.4.15, 1.6.x prior to 1.6.5, and 1.7.x prior to 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote malicious users to obtain the service key.
Openafs Openafs 1.7.20
Openafs Openafs 1.7.19
Openafs Openafs 1.7.18
Openafs Openafs 1.7.17
Openafs Openafs 1.4.8 Pre3
Openafs Openafs 1.4.8 Pre2
Openafs Openafs 1.4.8 Pre1
Openafs Openafs 1.4.8
Openafs Openafs 1.4.7 Pre5
Openafs Openafs 1.4.1
Openafs Openafs 1.4.0
Openafs Openafs 1.4
Openafs Openafs 1.3.81
Openafs Openafs 1.2.3
Openafs Openafs 1.2.2b
Openafs Openafs 1.2.2a
Openafs Openafs 1.2.2
Openafs Openafs 1.0.2
Openafs Openafs 1.0.1
Openafs Openafs 1.0
Openafs Openafs 1.6.2.1
Openafs Openafs 1.6.2
383
VMScore
CVE-2013-4135
The vos command in OpenAFS 1.6.x prior to 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote malicious users to obtain sensitive information by sniffing the network.
Openafs Openafs 1.6.2.1
Openafs Openafs 1.6.3
Openafs Openafs 1.6.4
Openafs Openafs 1.6.1
Openafs Openafs 1.6.0
Openafs Openafs 1.6.2
Debian Debian Linux 7.0
NA
CVE-2021-47365
In the Linux kernel, the following vulnerability has been resolved: afs: Fix page leak There's a loop in afs_extend_writeback() that adds extra pages to a write we want to make to improve the efficiency of the writeback by making it larger. This loop stops, however, if we hi...
668
VMScore
CVE-2011-0430
Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote malicious users to cause a denial of service and execute arbitrary code via unknown vectors.
Openafs Openafs 1.4.14
Openafs Openafs 1.4.12
Openafs Openafs 1.4.7
445
VMScore
CVE-2009-2562
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 up to and including 1.2.0 allows remote malicious users to cause a denial of service (crash) via unknown vectors.
Wireshark Wireshark 0.9.14
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.9.5
Wireshark Wireshark 0.9.6
Wireshark Wireshark 0.9.2
Wireshark Wireshark 1.0.6
Wireshark Wireshark 1.0.2
Wireshark Wireshark 1.0.3
Wireshark Wireshark 0.10.9
Wireshark Wireshark 0.99.8
Wireshark Wireshark 0.9.8
Wireshark Wireshark 0.99
Wireshark Wireshark 0.9.7
Wireshark Wireshark 1.0.8
Wireshark Wireshark 1.0
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.3
Wireshark Wireshark 0.99.1
Wireshark Wireshark 0.99.0
Wireshark Wireshark 1.0.5
Wireshark Wireshark 1.0.7
Wireshark Wireshark 0.99.7
445
VMScore
CVE-2018-16949
An issue exists in OpenAFS prior to 1.6.23 and 1.8.x prior to 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large...
Openafs Openafs
Debian Debian Linux 8.0
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »