1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
Candidate: CVE-2013-4134
PublicDate: 2013-11-05
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4134
http://www.openwall.com/lists/oss-security/2013/07/25/1
http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt
Description:
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses
weak encryption (DES) for Kerberos keys, which makes it easier for remote
attackers to obtain the service key.
Ubuntu-Description:
Notes:
Bugs:
https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1204195
Priority: medium
Discovered-by: Alex Chernyakhovsky, Christy Dennison, Patrick Hurst, Peter Iannucci
Assigned-to:
Patches_openafs:
upstream_openafs: released (1.6.5)
lucid_openafs: released (1.4.12+dfsg-3+ubuntu0.3)
precise_openafs: released (1.6.1-1+ubuntu0.2)
quantal_openafs: released (1.6.1-2+ubuntu2.1)
raring_openafs: released (1.6.2-1+ubuntu2.1)
devel_openafs: released (1.6.5-1)
|