OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.
{
"binaries": [
{
"binary_name": "libafsauthent1",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "libafsrpc1",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "libkopenafs1",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "libpam-openafs-kaserver",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-client",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-dbserver",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-fileserver",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-fuse",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-kpasswd",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-krb5",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-modules-dkms",
"binary_version": "1.6.15-1ubuntu1.1"
},
{
"binary_name": "openafs-modules-source",
"binary_version": "1.6.15-1ubuntu1.1"
}
]
}