The host is installed with OpenAFS before 1.6.24 prone to an information disclosure vulnerability. The flaw is present in the application, which fails to handle uninitialized RPC output variables. Successful exploitation allow attackers to access unauthorized information.