Openafs : Security Vulnerabilities, CVEs, Published In 2015 (Overflow)
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.
Max CVSS
4.0
EPSS Score
0.37%
Published
2015-09-02
Updated
2015-09-02
Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large group list when joining a PAG.
Max CVSS
4.6
EPSS Score
0.04%
Published
2015-08-12
Updated
2017-09-21
The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-08-12
Updated
2017-09-21
3 vulnerabilities found