Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-4134

Published: 05/11/2013 Updated: 24/08/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Openafs

Vulnerability Summary

OpenAFS prior to 1.4.15, 1.6.x prior to 1.6.5, and 1.7.x prior to 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote malicious users to obtain the service key.

Vulnerable Product Search on Vulmon Subscribe to Product

openafs openafs 1.7.20

openafs openafs 1.7.19

openafs openafs 1.7.18

openafs openafs 1.7.17

openafs openafs 1.4.8_pre3

openafs openafs 1.4.8_pre2

openafs openafs 1.4.8_pre1

openafs openafs 1.4.8

openafs openafs 1.4.7_pre5

openafs openafs 1.4.1

openafs openafs 1.4.0

openafs openafs 1.4

openafs openafs 1.3.81

openafs openafs 1.2.3

openafs openafs 1.2.2b

openafs openafs 1.2.2a

openafs openafs 1.2.2

openafs openafs 1.0.2

openafs openafs 1.0.1

openafs openafs 1.0

openafs openafs 1.6.2.1

openafs openafs 1.6.2

openafs openafs 1.6.1

openafs openafs 1.6.0

openafs openafs 1.7.12

openafs openafs 1.7.11

openafs openafs 1.7.10

openafs openafs 1.7.8

openafs openafs 1.4.7

openafs openafs 1.4.6

openafs openafs 1.4.5

openafs openafs 1.4.4

openafs openafs 1.3.2

openafs openafs 1.3.1

openafs openafs 1.3

openafs openafs 1.2.9

openafs openafs 1.2.8

openafs openafs 1.2

openafs openafs 1.1.1a

openafs openafs 1.1.1

openafs openafs 1.1.0

openafs openafs 1.6.4

openafs openafs 1.7.24

openafs openafs 1.7.22

openafs openafs 1.7.15

openafs openafs 1.7.13

openafs openafs 1.7.4

openafs openafs 1.7.2

openafs openafs 1.4.7_pre4

openafs openafs 1.4.7_pre2

openafs openafs 1.4.2

openafs openafs 1.4.12

openafs openafs 1.3.77

openafs openafs 1.3.70

openafs openafs 1.2.7

openafs openafs 1.2.5

openafs openafs 1.2.11

openafs openafs 1.2.1

openafs openafs 1.1

openafs openafs 1.0.4

openafs openafs 1.6.3

openafs openafs 1.7.25

openafs openafs 1.7.23

openafs openafs 1.7.21

openafs openafs 1.7.16

openafs openafs 1.7.14

openafs openafs 1.7.3

openafs openafs 1.7.1

openafs openafs 1.4.7_pre3

openafs openafs 1.4.7_pre1

openafs openafs 1.4.3

openafs openafs

openafs openafs 1.3.74

openafs openafs 1.3.5

openafs openafs 1.2.6

openafs openafs 1.2.4

openafs openafs 1.2.13

openafs openafs 1.2.10

openafs openafs 1.0.4a

openafs openafs 1.0.3

debian debian linux 7.0

Vendor Advisories

Debian Security Advisories: DSA-2729-1 openafs -- several vulnerabilities
OpenAFS, the implementation of the distributed filesystem AFS, has been updated to no longer use DES for the encryption of tickets Additional migration steps are needed to fully set the update into effect For more information please see the upstream advisory: OPENAFS-SA-2013-003 In addition the encrypt option to the vos tool was fixed For the ol ...

References

CWE-310http://www.debian.org/security/2013/dsa-2729http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2014:244https://nvd.nist.govhttps://www.debian.org/security/./dsa-2729
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook