CVE-2013-4134

OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.

Date published : 2013-11-05

http://www.openafs.org/pages/security/OPENAFS-SA-2013-003.txt

http://www.debian.org/security/2013/dsa-2729