CVE-2016-9772
published 2017-02-06CVE-2016-9772: OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2)…
medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openafs | < openafs 1.6.20-1 (bookworm) | openafs 1.6.20-1 (bookworm) |
| openafs | openafs | <= 1.6.19 | — |
| openafs | openafs | >= 0 < 1.6.20-1 | 1.6.20-1 |
| openafs | openafs | >= 0 < 1.6.20-1 | 1.6.20-1 |
| openafs | openafs | >= 0 < 1.6.20-1 | 1.6.20-1 |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
osv5.3MEDIUM