CVE-2016-9772

Опубликовано: 06 фев. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.

Ссылки

http://www.openwall.com/lists/oss-security/2016/12/02/9
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/94651
Third Party Advisory
VDB Entry
https://www.openafs.org/pages/security/OPENAFS-SA-2016-003.txt
Vendor Advisory
http://www.openwall.com/lists/oss-security/2016/12/02/9
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/94651
Third Party Advisory
VDB Entry
https://www.openafs.org/pages/security/OPENAFS-SA-2016-003.txt
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*

Версия до 1.6.19 (включая)

EPSS

Процентиль: 50%

0.00264

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2016-9772

CVSS3: 5.3

ubuntu

около 9 лет назад

CVE-2016-9772

CVSS3: 5.3

debian

около 9 лет назад

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive ...

GHSA-qx33-h57r-w5q6

CVSS3: 5.3

github

больше 3 лет назад

EPSS

Процентиль: 50%

0.00264

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200