CVE-2013-4135

EPSS 0.28%

Published: 11/5/2013Modified: 4/28/2026

Description

The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

Affected packages (1)

Debian/openafsfrom 0, < 1.6.5-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4135