OpenAFS for Microsoft Windows Local Denial of Service Vulnerability

OpenAFS for Microsoft Windows Local Denial of Service Vulnerability

OpenAFS for Microsoft Windows is prone to a local denial-of-service vulnerability because the application fails to properly handle unexpected conditions.

Successfully exploiting this issue allows local attackers to trigger computer crashes. These crashes will occur every time Windows tries to start, creating a prolonged denial-of-service condition.

Versions of OpenAFS prior to 1.5.19 running on Windows are vulnerable.

Note that this issue is present only if MIT Kerberos for Windows is also installed on vulnerable computers.