Vulnerabilities > Openafs > Openafs > 1.7.18

DATE CVE VULNERABILITY TITLE RISK
2015-11-06 CVE-2015-7763 Information Exposure vulnerability in Openafs
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
network
low complexity
openafs CWE-200
5.0
5.0
2015-11-06 CVE-2015-7762 Information Exposure vulnerability in multiple products
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
network
low complexity
openafs debian CWE-200
5.0
5.0
2013-11-05 CVE-2013-4134 Cryptographic Issues vulnerability in multiple products
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key. 		4.3
4.3