Debian/openafs — 56 CVEs · VulnScope

pkg:Debian/openafs

56 total CVEsCRITICAL5HIGH15MEDIUM6

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2018-16947openafs - security update
from 0, < 1.6.9-2+deb8u8
CRITICAL9.8CVE-2018-16947openafs - security update
from 0, < 1.6.20-2+deb9u2
CRITICAL9.8CVE-2018-16947openafs - security update
from 0, < 1.8.2-1
CRITICAL9.8acm - integer overflow
from 0, < 1.2.3final2-6
CRITICAL9.8acm - integer overflow
from 0, < 1.2.6-1
HIGH7.8A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.
from 0, < 1.8.6-5+deb11u1
HIGH7.8openafs - security update
from 0, < 1.8.9-1+deb12u1
HIGH7.8openafs - security update
from 0, < 1.8.6-5+deb11u1
HIGH7.8openafs - security update
from 0, < 1.8.6-5+deb11u1
HIGH7.8openafs - security update
from 0, < 1.6.17-1
HIGH7.8openafs - security update
from 0, < 1.6.9-2+deb8u5
HIGH7.8openafs - security update
from 0, < 1.6.1-3+deb7u6
HIGH7.5OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent ove…
from 0, < 1.8.5-1
HIGH7.5openafs - security update
from 0, < 1.6.9-2+deb8u9
HIGH7.5openafs - security update
from 0, < 1.8.5-1
HIGH7.5An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2.
from 0, < 1.8.2-1
HIGH7.5An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2.
from 0, < 1.8.2-1
HIGH7.5openafs - security update
from 0, < 1.6.22-1
HIGH7.5openafs - security update
from 0, < 1.6.20-2+deb9u1
HIGH7.5openafs - security update
from 0, < 1.6.1-3+deb7u8
MEDIUM6.5An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninit…
from 0, < 1.8.6-5+deb11u1
MEDIUM6.5The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypa…
from 0, < 1.6.17-1
MEDIUM5.9OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output…
from 0, < 1.8.5-1
MEDIUM5.3openafs - security update
from 0, < 1.6.1-3+deb7u7
MEDIUM5.3openafs - security update
from 0, < 1.6.20-1
MEDIUM5.3The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes…
from 0, < 1.6.17-1
—rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of a…
from 0, < 1.6.15-1
—openafs - security update
from 0, < 1.6.15-1
—openafs - security update
from 0, < 1.6.1-3+deb7u5
—The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a c…
from 0, < 1.6.13-1
—The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local u…
from 0, < 1.6.13-1
—pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands.
from 0, < 1.6.13-1
—OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors.
from 0, < 1.6.13-1
—openafs - security update
from 0, < 1.6.13-1
—openafs - security update
from 0, < 1.4.12.1+dfsg-4+squeeze4
—openafs - security update
from 0, < 1.6.1-3+deb7u3
—OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uniniti…
from 0, < 1.6.9-1
—OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (…
from 0, < 1.6.7-1
—openafs - security update
from 0, < 1.4.12.1+dfsg-4+squeeze3
—openafs - security update
from 0, < 1.6.7-1
—The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartex…
from 0, < 1.6.5-1
—openafs - several
from 0, < 1.6.5-1
—openafs - several
from 0, < 1.4.12.1+dfsg-4+squeeze2
—Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the…
from 0, < 1.6.1-3
—openafs - buffer overflow
from 0, < 1.4.12.1+dfsg-4+squeeze1
—openafs - buffer overflow
from 0, < 1.6.1-3
—The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions…
from 0, < 1.4.14+dfsg-1
—openafs - several
from 0, < 1.4.14+dfsg-1
—openafs - several
from 0, < 1.4.12.1+dfsg-4
—Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allow…
from 0, < 1.4.10+dfsg1-1
—openafs - potential code execution
from 0, < 1.4.2-6etch2
—openafs - potential code execution
from 0, < 1.4.10+dfsg1-1
—openafs
from 0, < 1.4.6.dfsg1-1
—openafs
from 0, < 1.4.2-6etch1
—openafs - design error
from 0, < 1.4.2-6
—openafs - design error
from 0, < 1.3.81-3sarge2