Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fileserver crash and possible information leak on StoreACL/FetchACL
Vulnerability Description
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to crash and possibly expose uninitialized memory into other ACLs stored on the server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
对已超过有效生命周期的资源丧失索引
Vulnerability Title
OpenAFS 安全漏洞
Vulnerability Description
OpenAFS是OpenAFS开源的一套分布式文件系统。允许系统之间通过局域网和广域网来分享档案和资源。 OpenAFS存在安全漏洞,该漏洞源于经过身份验证的用户可以向文件服务器的提供格式错误的ACL,导致文件服务器崩溃。
CVSS Information
N/A
Vulnerability Type
N/A