Vulnerabilities > Openafs > Openafs > 1.6.14

DATE CVE VULNERABILITY TITLE RISK
2016-05-13 CVE-2015-8312 Numeric Errors vulnerability in multiple products
Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.
local
low complexity
openafs debian CWE-189
7.8
7.8
2015-11-06 CVE-2015-7763 Information Exposure vulnerability in Openafs
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
network
low complexity
openafs CWE-200
5.0
5.0
2015-11-06 CVE-2015-7762 Information Exposure vulnerability in multiple products
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
network
low complexity
openafs debian CWE-200
5.0
5.0