{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-07-28T00:00:00", "descriptions": [{"lang": "en", "value": "OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-03-19T15:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "DSA-2729", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2013/dsa-2729"}, {"name": "MDVSA-2014:244", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4134", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-2729", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2729"}, {"name": "MDVSA-2014:244", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244"}, {"name": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt", "refsource": "CONFIRM", "url": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4134", "datePublished": "2013-11-05T21:00:00", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2015-03-19T15:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FD3D040-25DB-4504-9664-E22705CFC2CF", "versionEndIncluding": "1.4.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DBC8B64A-B5A9-4F66-86AD-0288F8E3D62D", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BE08E0AC-71F8-456B-9E88-43E94A6A2F47", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "10CFD4A8-71AE-4F85-B86D-001461ECC2E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8CD3D4A8-934B-420A-AF4A-36DD16E2F851", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "9D7AD53C-917A-41CC-83CD-6DF825E2640E", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.0.4a:*:*:*:*:*:*:*", "matchCriteriaId": "F6F84C9B-8073-4EBE-AA75-A373772A42EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8E921700-C76F-41EA-AA61-6F939ED329CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC9A5221-2DBC-487A-9C6D-84EB9C95EB05", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0BDBD251-3E96-4068-AD24-E5B1802769E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.1.1a:*:*:*:*:*:*:*", "matchCriteriaId": "23A07568-7B15-49F1-9163-40A0BFF38309", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E8A18760-0921-475E-9104-4DF480697E96", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CD01B5F6-7E91-4FE8-B345-42D58C786FCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "34002792-689C-45B5-9B5A-94B5342AC20B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.2a:*:*:*:*:*:*:*", "matchCriteriaId": "3331166E-ABBA-4326-8EF4-88872B9824A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.2b:*:*:*:*:*:*:*", "matchCriteriaId": "302A9220-4C73-4D69-8B62-B64A7E280B31", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2B8FC287-D6D8-44BA-9125-3E64624ECDFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "295C09E5-23C3-4F9E-80FC-B0C4EC34C846", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "0295B94D-BE71-4DA2-81C5-E5BBCF0E17AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "2FBADEB7-0073-42EB-B53D-ADA227898493", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "F0951C53-C62A-4607-B6DB-E6B38DF3A5E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "0813CDDB-FF48-4154-81F3-20873A6C6C45", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "6AAAE0E9-BB79-455F-A08E-AC83370DBD0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "55B65ACE-3BA2-4B42-AEE8-8F647A6399F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "C0E298D9-63FB-4818-A2F1-EDFC287625F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "E3F2EED9-29E6-41E9-A911-D6ED9A08643C", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "299D4344-A1DB-4EC3-B1A2-5E07FB2B585F", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "72BE26C0-4A71-43AE-B134-3CE6DE839349", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "DE590EA3-85F6-462A-BCC1-0550192F8F9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "20DB0E2F-782F-4BA1-A81A-5DDDA8CF0A79", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3.70:*:*:*:*:*:*:*", "matchCriteriaId": "3C1399FC-A356-4624-BBA6-059B797B4C2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3.74:*:*:*:*:*:*:*", "matchCriteriaId": "5D767864-04D5-4571-8B13-CD347ADB3ADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3.77:*:*:*:*:*:*:*", "matchCriteriaId": "C47CECE6-1BD8-4CC3-B1F8-A4A069004C8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.3.81:*:*:*:*:*:*:*", "matchCriteriaId": "846D8776-DCDF-4BD0-A391-5546BD4B20C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "58C9013E-A08B-441E-AE3F-C688793366FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0F37635-C186-4D06-A79C-2A7AB0CFBAD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "89E75B7E-B38C-48AD-B04F-BD705AFF2907", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9F38E889-0CC0-49E1-9B6C-90D4176C06C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "CB1364B7-D564-4385-B7D7-67184E474712", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "EA3D7891-0B48-4C5D-B74B-6810FB4696F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "2C3BF7B2-72FF-4756-A1CC-982A1CD0747C", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "832A44D5-3851-4DC5-A37A-B3C356764B19", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D6F42FFC-9EA1-471C-8E5F-F8860BB2EA06", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre1:*:*:*:*:*:*:*", "matchCriteriaId": "91E0060C-4C43-4B4C-88CE-01F5055A9193", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre2:*:*:*:*:*:*:*", "matchCriteriaId": "4F1A3516-7785-406E-83B2-96A0FF8461A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre3:*:*:*:*:*:*:*", "matchCriteriaId": "F020E77C-8445-4BE8-A36E-A436102FE83B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre4:*:*:*:*:*:*:*", "matchCriteriaId": "39F16D28-5011-4CE3-A656-9F9908E760AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.7_pre5:*:*:*:*:*:*:*", "matchCriteriaId": "1F1E040E-020D-4567-BF57-9A2DA7294CB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "38D14A4C-D467-431A-A223-9383FD94EB12", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.8_pre1:*:*:*:*:*:*:*", "matchCriteriaId": "ED10F836-88BE-4832-BE5A-83AE0C798368", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.8_pre2:*:*:*:*:*:*:*", "matchCriteriaId": "CA22C60E-64A4-4340-A780-0C85BDACBB01", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.8_pre3:*:*:*:*:*:*:*", "matchCriteriaId": "F407281C-A813-4190-BBF1-FB93779681DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "77998ED3-15AE-4547-AAF3-596F4DC7C399", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A8A71A1B-DCDC-4E72-9C46-49919E4F372C", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "7150CE0E-A1EC-41EB-AD71-5B6C87289EEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "7EEFFEE0-C867-40F1-93F4-239EF1C6E2AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBD16CAA-1DF0-4BFC-AB76-AD06329080D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3AC2FFCF-BC84-43FF-8162-C796D3E43317", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "47FED822-5D5F-4299-9E17-865F9ADDCB09", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "B53E1E4E-EC29-4CF5-A60F-531D7D3F51F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "638B85F9-711F-4CC0-BC88-70A0F61D00BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "100D60EE-7D98-4EDE-816D-0A09F2512BD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "7A7B667D-236D-4902-AE45-70DC518A8CEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "E54A4891-9A8F-4669-BFE4-E7A492C23475", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "42D64E4E-1CE6-4EC5-B196-56D3EA657D1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "D16E9D02-7B8A-496F-90E5-24053E2C7B46", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.12:*:*:*:*:*:*:*", "matchCriteriaId": "537CF7AE-6CDA-41A7-BAA8-CB7775D89BB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.13:*:*:*:*:*:*:*", "matchCriteriaId": "FB340DB3-B662-4C32-9D12-6C5589B9D442", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.14:*:*:*:*:*:*:*", "matchCriteriaId": "52AC5979-4EE0-4C60-8682-214D7CE71E9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.15:*:*:*:*:*:*:*", "matchCriteriaId": "971BC625-0F96-4853-9E25-6461C0E7A9FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.16:*:*:*:*:*:*:*", "matchCriteriaId": "6417AD77-428D-40E4-B349-4328A0322D67", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.17:*:*:*:*:*:*:*", "matchCriteriaId": "56D4ED9A-FA72-4802-AEDB-7C6BF85F374B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.18:*:*:*:*:*:*:*", "matchCriteriaId": "681D68F1-A302-4D26-87F2-183905995214", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.19:*:*:*:*:*:*:*", "matchCriteriaId": "BCCEF082-2CD3-4A2F-8DCA-83EE444015E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.20:*:*:*:*:*:*:*", "matchCriteriaId": "57956DBF-981B-4053-BE2B-E745BC789419", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.21:*:*:*:*:*:*:*", "matchCriteriaId": "00C8BD68-6640-4DCF-A2F5-E6826056F108", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.22:*:*:*:*:*:*:*", "matchCriteriaId": "CCB0D161-F503-4608-92DD-0C4D38022EE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.23:*:*:*:*:*:*:*", "matchCriteriaId": "D951833E-7FB4-4DFB-A274-7D5619B6C7A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.24:*:*:*:*:*:*:*", "matchCriteriaId": "87BD5E13-61CF-41FD-8679-D0D0AAF2267B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.7.25:*:*:*:*:*:*:*", "matchCriteriaId": "2CB154C3-87A0-4083-964D-6F86E8A8FEE5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key."}, {"lang": "es", "value": "OpenAFS anterior a 1.4.15, 1.6.x anterior a 1.6.5 y 1.7.x anterior a 1.7.26 utiliza cifrado d\u00e9bil (DES) para las claves de Kerberos, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos para obtener la clave de servicio."}], "id": "CVE-2013-4134", "lastModified": "2016-08-24T15:30:15.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-11-05T21:55:08.890", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2013/dsa-2729"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}