639 matches found
OpenAFS uninitialized memory
Uninitialized memory access is possible...
[oss-security] CVE request: OpenAFS 1.6.8 TMAY fileserver crashes
New code introduced in OpenAFS 1.6.8 does not properly zero fields in the host structure in the OpenAFS fileserver, leading to some variables in the host structure being left initialized from recycled heap memory. While no mechanism for exploitation is currently known, the affected file server...
[SECURITY] [DSA 2899-1] openafs security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2899-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 09, 2014 http://www.debian.org/security/faq -...
OpenAFS DoS
Buffer overflow in GetStatistics64 RPC call...
OpenAFS GetStatistics64 RPC远程拒绝服务漏洞
Bugtraq ID:66776 CVE ID:CVE-2014-0159 OpenAFS是一款开放源代码的分布式文件系统。 OpenAFS GetStatistics64 RPC存在错误,允许攻击者利用漏洞发送特殊的请求触发缓冲区溢出和使应用程序崩溃。 0 OpenAFS 1.4.8 - 1.6.6 OpenAFS 1.6.7版本已修复该漏洞,建议用户下载使用: http://openafs.org/...
CVE-2014-2852
OpenAFS before 1.6.7 delays the listen thread when an RXSCheckResponse fails, which allows remote attackers to cause a denial of service performance degradation via an invalid packet...
CVE-2014-2852
OpenAFS before 1.6.7 delays the listen thread when an RXSCheckResponse fails, which allows remote attackers to cause a denial of service performance degradation via an invalid packet...
DEBIAN-CVE-2014-2852
OpenAFS before 1.6.7 delays the listen thread when an RXSCheckResponse fails, which allows remote attackers to cause a denial of service performance degradation via an invalid packet...
CVE-2014-0159
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...
CVE-2014-0159
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...
DEBIAN-CVE-2014-0159
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...
CVE-2014-0159
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...
CVE-2014-2852
OpenAFS before 1.6.7 delays the listen thread when an RXSCheckResponse fails, which allows remote attackers to cause a denial of service performance degradation via an invalid packet...
Design/Logic Flaw
OpenAFS before 1.6.7 delays the listen thread when an RXSCheckResponse fails, which allows remote attackers to cause a denial of service performance degradation via an invalid packet...
Buffer overflow
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...
UBUNTU-CVE-2014-2852
OpenAFS before 1.6.7 delays the listen thread when an RXSCheckResponse fails, which allows remote attackers to cause a denial of service performance degradation via an invalid packet...
UBUNTU-CVE-2014-0159
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...
CVE-2014-2852
OpenAFS prior to 1.6.7 delays the listen thread when an RXS_CheckResponse fails, enabling a remote attacker to cause denial of service (performance degradation) via an invalid packet. Multiple connected sources corroborate this issue and its association with CVE-2014-2852, with remediation docume...
CVE-2014-0159
CVE-2014-0159 affects OpenAFS: the GetStatistics64 RPC in OpenAFS 1.4.8 before 1.6.7 is vulnerable to a buffer overflow that can cause a remote denial of service (crash). Connected advisories confirm the issue exists in OpenAFS before 1.6.7 and indicate remediation by upgrading to newer OpenAFS r...
CVE-2014-0159
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...