Sensitive Directory Information Disclosure in OpenAFS 1.6.19 and Earlier

Sensitive Directory Information Disclosure in OpenAFS 1.6.19 and Earlier

CVE-2016-9772 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.

Learn more about our Cis Benchmark Audit For Server Software.