VYPR

rpm package

opensuse/openafs&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/openafs&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2018-16949HigSep 12, 2018
    affected < 1.8.8-1.13fixed 1.8.8-1.13

    An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, l

  • CVE-2018-16948HigSep 12, 2018
    affected < 1.8.8-1.13fixed 1.8.8-1.13

    An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx se

  • CVE-2018-16947CriSep 12, 2018
    affected < 1.8.8-1.13fixed 1.8.8-1.13

    An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming RPCs but does not require (or allow for) authentication of those RPCs. Handling those RPCs results in operations being performed with administrator