Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Theft of credentials in Unix client PAGs
Vulnerability Description
A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG.
CVSS Information
N/A
Vulnerability Type
使用基本弱点进行的认证绕过
Vulnerability Title
OpenAFS 输入验证错误漏洞
Vulnerability Description
OpenAFS是OpenAFS开源的一套分布式文件系统。允许系统之间通过局域网和广域网来分享档案和资源。 OpenAFS存在输入验证错误漏洞,该漏洞源于本地用户可以绕过Unix客户端中的进程身份验证组限制机制,允许用户有效地加入PAG并让窃取该PAG中的凭据。
CVSS Information
N/A
Vulnerability Type
N/A