Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument.
References
Link | Resource |
---|---|
http://openafs.org/pages/security/OPENAFS-SA-2014-001.txt | Vendor Advisory |
http://secunia.com/advisories/57779 | Permissions Required Third Party Advisory |
http://secunia.com/advisories/57832 | Permissions Required Third Party Advisory |
http://www.debian.org/security/2014/dsa-2899 | Third Party Advisory |
http://www.mandriva.com/security/advisories?name=MDVSA-2014:244 | Broken Link |
http://www.openafs.org/frameset/dl/openafs/1.6.7/ChangeLog | Issue Tracking Release Notes |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-04-14T15:00:00
Updated: 2015-03-19T15:57:00
Reserved: 2013-12-03T00:00:00
Link: CVE-2014-0159
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-04-14T15:09:05.990
Modified: 2016-08-24T15:32:01.053
Link: CVE-2014-0159
JSON object: View
Redhat Information
No data.
CWE