Openafs : Security Vulnerabilities, CVEs, Published In 2017

CVE-2017-17432

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.
Max CVSS
7.8
EPSS Score
1.01%
Published
2017-12-06
Updated
2019-10-03

CVE-2016-9772

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.
Max CVSS
5.3
EPSS Score
0.17%
Published
2017-02-06
Updated
2017-02-08
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close