CVE-2013-4134: OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to…

medium4.3CVSS 3.1

AVNACMAuNCPINAN

OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.

Affected

85 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	openafs	< openafs 1.6.5-1 (bookworm)	openafs 1.6.5-1 (bookworm)
openafs	openafs	<= 1.4.14	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—
openafs	openafs	—	—

CVSS provenance

nvd4.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N

osv4.3MEDIUM