Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openafs | Openafs | 1.4.7 (including) | 1.4.7 (including) |
| Openafs | Openafs | 1.4.12 (including) | 1.4.12 (including) |
| Openafs | Openafs | 1.4.14 (including) | 1.4.14 (including) |
| Openafs | Ubuntu | dapper | * |
| Openafs | Ubuntu | hardy | * |
| Openafs | Ubuntu | karmic | * |
| Openafs | Ubuntu | lucid | * |
| Openafs | Ubuntu | maverick | * |
| Openafs | Ubuntu | upstream | * |
References
- http://secunia.com/advisories/43371
- http://secunia.com/advisories/43407
- http://www.debian.org/security/2011/dsa-2168
- http://www.securityfocus.com/bid/46428
- http://www.securitytracker.com/id?1025095
- http://www.vupen.com/english/advisories/2011/0410
- http://www.vupen.com/english/advisories/2011/0411
- http://secunia.com/advisories/43371
- http://secunia.com/advisories/43407
- http://www.debian.org/security/2011/dsa-2168
- http://www.securityfocus.com/bid/46428
- http://www.securitytracker.com/id?1025095
- http://www.vupen.com/english/advisories/2011/0410
- http://www.vupen.com/english/advisories/2011/0411