net/openafs -- buffer overflow

ID 0BF376B7-CC6B-11E2-A424-14DAE938EC40
Type freebsd
Reporter FreeBSD
Modified 2013-02-27T00:00:00


Nickolai Zeldovich reports:

An attacker with the ability to manipulate AFS directory ACLs may crash the fileserver hosting that volume. In addition, once a corrupt ACL is placed on a fileserver, its existence may crash client utilities manipulating ACLs on that server.