Candidate: CVE-2013-4134
PublicDate: 2013-11-05 21:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4134
 http://www.openwall.com/lists/oss-security/2013/07/25/1
 http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt
Description:
 OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses
 weak encryption (DES) for Kerberos keys, which makes it easier for remote
 attackers to obtain the service key.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1204195
Priority: medium
Discovered-by: Alex Chernyakhovsky, Christy Dennison, Patrick Hurst, Peter Iannucci
Assigned-to: 
CVSS: 

Patches_openafs:
upstream_openafs: released (1.6.5)
lucid_openafs: released (1.4.12+dfsg-3+ubuntu0.3)
precise_openafs: released (1.6.1-1+ubuntu0.2)
quantal_openafs: released (1.6.1-2+ubuntu2.1)
raring_openafs: released (1.6.2-1+ubuntu2.1)
devel_openafs: released (1.6.5-1)