Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openafs | Openafs | * | 1.6.1 (including) |
| Openafs | Openafs | 1.5.10 (including) | 1.5.10 (including) |
| Openafs | Openafs | 1.5.11 (including) | 1.5.11 (including) |
| Openafs | Openafs | 1.5.12 (including) | 1.5.12 (including) |
| Openafs | Openafs | 1.5.13 (including) | 1.5.13 (including) |
| Openafs | Openafs | 1.5.14 (including) | 1.5.14 (including) |
| Openafs | Openafs | 1.5.15 (including) | 1.5.15 (including) |
| Openafs | Openafs | 1.5.16 (including) | 1.5.16 (including) |
| Openafs | Openafs | 1.5.17 (including) | 1.5.17 (including) |
| Openafs | Openafs | 1.5.18 (including) | 1.5.18 (including) |
| Openafs | Openafs | 1.5.19 (including) | 1.5.19 (including) |
| Openafs | Openafs | 1.5.20 (including) | 1.5.20 (including) |
| Openafs | Openafs | 1.5.21 (including) | 1.5.21 (including) |
| Openafs | Openafs | 1.5.22 (including) | 1.5.22 (including) |
| Openafs | Openafs | 1.5.23 (including) | 1.5.23 (including) |
| Openafs | Openafs | 1.5.24 (including) | 1.5.24 (including) |
| Openafs | Openafs | 1.5.25 (including) | 1.5.25 (including) |
| Openafs | Openafs | 1.5.26 (including) | 1.5.26 (including) |
| Openafs | Openafs | 1.5.27 (including) | 1.5.27 (including) |
| Openafs | Openafs | 1.5.28 (including) | 1.5.28 (including) |
| Openafs | Openafs | 1.5.29 (including) | 1.5.29 (including) |
| Openafs | Openafs | 1.5.30 (including) | 1.5.30 (including) |
| Openafs | Openafs | 1.5.31 (including) | 1.5.31 (including) |
| Openafs | Openafs | 1.5.32 (including) | 1.5.32 (including) |
| Openafs | Openafs | 1.5.33 (including) | 1.5.33 (including) |
| Openafs | Openafs | 1.5.34 (including) | 1.5.34 (including) |
| Openafs | Openafs | 1.5.35 (including) | 1.5.35 (including) |
| Openafs | Openafs | 1.5.36 (including) | 1.5.36 (including) |
| Openafs | Openafs | 1.5.37 (including) | 1.5.37 (including) |
| Openafs | Openafs | 1.5.38 (including) | 1.5.38 (including) |
| Openafs | Openafs | 1.5.39 (including) | 1.5.39 (including) |
| Openafs | Openafs | 1.5.50 (including) | 1.5.50 (including) |
| Openafs | Openafs | 1.5.51 (including) | 1.5.51 (including) |
| Openafs | Openafs | 1.5.52 (including) | 1.5.52 (including) |
| Openafs | Openafs | 1.5.53 (including) | 1.5.53 (including) |
| Openafs | Openafs | 1.5.54 (including) | 1.5.54 (including) |
| Openafs | Openafs | 1.5.55 (including) | 1.5.55 (including) |
| Openafs | Openafs | 1.5.56 (including) | 1.5.56 (including) |
| Openafs | Openafs | 1.5.57 (including) | 1.5.57 (including) |
| Openafs | Openafs | 1.5.58 (including) | 1.5.58 (including) |
| Openafs | Openafs | 1.5.59 (including) | 1.5.59 (including) |
| Openafs | Openafs | 1.5.60 (including) | 1.5.60 (including) |
| Openafs | Openafs | 1.5.61 (including) | 1.5.61 (including) |
| Openafs | Openafs | 1.5.62 (including) | 1.5.62 (including) |
| Openafs | Openafs | 1.5.63 (including) | 1.5.63 (including) |
| Openafs | Openafs | 1.5.64 (including) | 1.5.64 (including) |
| Openafs | Openafs | 1.5.65 (including) | 1.5.65 (including) |
| Openafs | Openafs | 1.5.66 (including) | 1.5.66 (including) |
| Openafs | Openafs | 1.5.67 (including) | 1.5.67 (including) |
| Openafs | Openafs | 1.5.68 (including) | 1.5.68 (including) |
| Openafs | Openafs | 1.5.69 (including) | 1.5.69 (including) |
| Openafs | Openafs | 1.5.70 (including) | 1.5.70 (including) |
| Openafs | Openafs | 1.5.71 (including) | 1.5.71 (including) |
| Openafs | Openafs | 1.5.72 (including) | 1.5.72 (including) |
| Openafs | Openafs | 1.5.73 (including) | 1.5.73 (including) |
| Openafs | Openafs | 1.5.74 (including) | 1.5.74 (including) |
| Openafs | Openafs | 1.5.75 (including) | 1.5.75 (including) |
| Openafs | Openafs | 1.5.76 (including) | 1.5.76 (including) |
| Openafs | Openafs | 1.5.77 (including) | 1.5.77 (including) |
| Openafs | Openafs | 1.5.78 (including) | 1.5.78 (including) |
| Openafs | Openafs | 1.6.0 (including) | 1.6.0 (including) |
| Openafs | Ubuntu | hardy | * |
| Openafs | Ubuntu | lucid | * |
| Openafs | Ubuntu | oneiric | * |
| Openafs | Ubuntu | precise | * |
| Openafs | Ubuntu | quantal | * |
| Openafs | Ubuntu | upstream | * |
References
- http://secunia.com/advisories/52342
- http://secunia.com/advisories/52480
- http://www.debian.org/security/2013/dsa-2638
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:244
- http://www.openafs.org/pages/security/OPENAFS-SA-2013-002.txt
- http://www.securityfocus.com/bid/58300
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82585
- http://secunia.com/advisories/52342
- http://secunia.com/advisories/52480
- http://www.debian.org/security/2013/dsa-2638
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:244
- http://www.openafs.org/pages/security/OPENAFS-SA-2013-002.txt
- http://www.securityfocus.com/bid/58300
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82585