CVE-2013-1794

Name of the Vulnerable Software and Affected Versions OpenAFS versions prior to 1.6.5

Description The issue concerns multiple vulnerabilities in the OpenAFS package that can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. A buffer overflow in certain client utilities allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long fileserver ACL entry.

Recommendations For OpenAFS versions prior to 1.6.5, update to version 1.6.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable client utilities until a patch is available. Avoid using long fileserver ACL entries in the affected utilities to minimize the risk of exploitation.