Download
| Alert*
oval:org.secpod.oval:def:32830
The host is installed with OpenAFS 1.4.0800 before 1.6.0700 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted statsVersion argument. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:32829 The host is installed with OpenAFS before 1.6.0700 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an invalid packet. Successful exploitation allows remote attackers to cause a denial of service (performance degradation). oval:org.secpod.oval:def:16500 The host is installed with OpenAFS before 1.6.0200 and is prone to buffer overflow vulnerability. The flaw is present in the application, which fails to handle the client utilities. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:16497 The host is installed with OpenAFS before 1.6.0200 and is prone to buffer overflow vulnerability. The flaw is present in the application, which fails to handle the ptserver. Successful exploitation allows remote attackers to cause the heap based buffer overflow. oval:org.secpod.oval:def:16501 The host is installed with OpenAFS 1.6.x before 1.6.0500 and is prone to information disclosure vulnerability. The flaw is present in the application, which fails to handle the -encrypt option. Successful exploitation allows the remote attackers to obtain sensitive information by sniffing the networ ... oval:org.secpod.oval:def:16502 The host is installed with OpenAFS 1.6.x before 1.6.0500 or 1.7.x before 1.7.2600 or before 1.4.1500 and is prone to information disclosure vulnerability. The flaw is present in the application, which fails to handle the weak encryption (DES) for Kerberos keys. Successful exploitation allows the rem ... oval:org.secpod.oval:def:31675 The host is installed with OpenAFS 1.5.7500 through 1.5.7800, 1.6.x before 1.6.1500 or 1.7.x before 1.7.3300 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to handle the acknowledgement packet. Successful exploitation allow remote attacke ... |