FKIE_CVE-2013-4134
Vulnerability from fkie_nvd - Published: 2013-11-05 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD3D040-25DB-4504-9664-E22705CFC2CF",
"versionEndIncluding": "1.4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC8B64A-B5A9-4F66-86AD-0288F8E3D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE08E0AC-71F8-456B-9E88-43E94A6A2F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10CFD4A8-71AE-4F85-B86D-001461ECC2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD3D4A8-934B-420A-AF4A-36DD16E2F851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7AD53C-917A-41CC-83CD-6DF825E2640E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F84C9B-8073-4EBE-AA75-A373772A42EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E921700-C76F-41EA-AA61-6F939ED329CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9A5221-2DBC-487A-9C6D-84EB9C95EB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDBD251-3E96-4068-AD24-E5B1802769E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "23A07568-7B15-49F1-9163-40A0BFF38309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8A18760-0921-475E-9104-4DF480697E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CD01B5F6-7E91-4FE8-B345-42D58C786FCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34002792-689C-45B5-9B5A-94B5342AC20B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "3331166E-ABBA-4326-8EF4-88872B9824A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "302A9220-4C73-4D69-8B62-B64A7E280B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8FC287-D6D8-44BA-9125-3E64624ECDFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "295C09E5-23C3-4F9E-80FC-B0C4EC34C846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0295B94D-BE71-4DA2-81C5-E5BBCF0E17AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBADEB7-0073-42EB-B53D-ADA227898493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F0951C53-C62A-4607-B6DB-E6B38DF3A5E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0813CDDB-FF48-4154-81F3-20873A6C6C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6AAAE0E9-BB79-455F-A08E-AC83370DBD0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "55B65ACE-3BA2-4B42-AEE8-8F647A6399F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E298D9-63FB-4818-A2F1-EDFC287625F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F2EED9-29E6-41E9-A911-D6ED9A08643C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "299D4344-A1DB-4EC3-B1A2-5E07FB2B585F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BE26C0-4A71-43AE-B134-3CE6DE839349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE590EA3-85F6-462A-BCC1-0550192F8F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20DB0E2F-782F-4BA1-A81A-5DDDA8CF0A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.70:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1399FC-A356-4624-BBA6-059B797B4C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.74:*:*:*:*:*:*:*",
"matchCriteriaId": "5D767864-04D5-4571-8B13-CD347ADB3ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.77:*:*:*:*:*:*:*",
"matchCriteriaId": "C47CECE6-1BD8-4CC3-B1F8-A4A069004C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "846D8776-DCDF-4BD0-A391-5546BD4B20C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "58C9013E-A08B-441E-AE3F-C688793366FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F37635-C186-4D06-A79C-2A7AB0CFBAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89E75B7E-B38C-48AD-B04F-BD705AFF2907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F38E889-0CC0-49E1-9B6C-90D4176C06C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1364B7-D564-4385-B7D7-67184E474712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA3D7891-0B48-4C5D-B74B-6810FB4696F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3BF7B2-72FF-4756-A1CC-982A1CD0747C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "832A44D5-3851-4DC5-A37A-B3C356764B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F42FFC-9EA1-471C-8E5F-F8860BB2EA06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E0060C-4C43-4B4C-88CE-01F5055A9193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1A3516-7785-406E-83B2-96A0FF8461A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre3:*:*:*:*:*:*:*",
"matchCriteriaId": "F020E77C-8445-4BE8-A36E-A436102FE83B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre4:*:*:*:*:*:*:*",
"matchCriteriaId": "39F16D28-5011-4CE3-A656-9F9908E760AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1E040E-020D-4567-BF57-9A2DA7294CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38D14A4C-D467-431A-A223-9383FD94EB12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.8_pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED10F836-88BE-4832-BE5A-83AE0C798368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.8_pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA22C60E-64A4-4340-A780-0C85BDACBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.8_pre3:*:*:*:*:*:*:*",
"matchCriteriaId": "F407281C-A813-4190-BBF1-FB93779681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "77998ED3-15AE-4547-AAF3-596F4DC7C399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A71A1B-DCDC-4E72-9C46-49919E4F372C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7150CE0E-A1EC-41EB-AD71-5B6C87289EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEFFEE0-C867-40F1-93F4-239EF1C6E2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD16CAA-1DF0-4BFC-AB76-AD06329080D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC2FFCF-BC84-43FF-8162-C796D3E43317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47FED822-5D5F-4299-9E17-865F9ADDCB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E1E4E-EC29-4CF5-A60F-531D7D3F51F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "638B85F9-711F-4CC0-BC88-70A0F61D00BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "100D60EE-7D98-4EDE-816D-0A09F2512BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7B667D-236D-4902-AE45-70DC518A8CEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E54A4891-9A8F-4669-BFE4-E7A492C23475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "42D64E4E-1CE6-4EC5-B196-56D3EA657D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D16E9D02-7B8A-496F-90E5-24053E2C7B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "537CF7AE-6CDA-41A7-BAA8-CB7775D89BB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FB340DB3-B662-4C32-9D12-6C5589B9D442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.14:*:*:*:*:*:*:*",
"matchCriteriaId": "52AC5979-4EE0-4C60-8682-214D7CE71E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.15:*:*:*:*:*:*:*",
"matchCriteriaId": "971BC625-0F96-4853-9E25-6461C0E7A9FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6417AD77-428D-40E4-B349-4328A0322D67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.17:*:*:*:*:*:*:*",
"matchCriteriaId": "56D4ED9A-FA72-4802-AEDB-7C6BF85F374B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "681D68F1-A302-4D26-87F2-183905995214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCEF082-2CD3-4A2F-8DCA-83EE444015E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "57956DBF-981B-4053-BE2B-E745BC789419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.21:*:*:*:*:*:*:*",
"matchCriteriaId": "00C8BD68-6640-4DCF-A2F5-E6826056F108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB0D161-F503-4608-92DD-0C4D38022EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.23:*:*:*:*:*:*:*",
"matchCriteriaId": "D951833E-7FB4-4DFB-A274-7D5619B6C7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.24:*:*:*:*:*:*:*",
"matchCriteriaId": "87BD5E13-61CF-41FD-8679-D0D0AAF2267B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.7.25:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB154C3-87A0-4083-964D-6F86E8A8FEE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key."
},
{
"lang": "es",
"value": "OpenAFS anterior a 1.4.15, 1.6.x anterior a 1.6.5 y 1.7.x anterior a 1.7.26 utiliza cifrado d\u00e9bil (DES) para las claves de Kerberos, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos para obtener la clave de servicio."
}
],
"id": "CVE-2013-4134",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-05T21:55:08.890",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2729"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…