CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
9.8%
Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions
in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1
before Debian GNU/Linux package 1.4.1-17 allow local users to cause a
denial of service (daemon crash) by appending data to a file that is larger
than 2 Gb.