Search Results (Refine Search)
- CPE Product Version: cpe:/a:openafs:openafs:1.7.11
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-7763 |
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network. Published: November 06, 2015; 4:59:11 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-7762 |
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network. Published: November 06, 2015; 4:59:09 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-4134 |
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key. Published: November 05, 2013; 4:55:08 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |