Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в OpenAFS
Опубликовано:12 апреля 2009 г.
Источник:
SecurityVulns ID:9828
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера, DoS.
Затронутые продукты:OPENAFS : OpenAFS 1.4
 OPENAFS : OpenAFS 1.5
CVE:CVE-2009-1251 (Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.)
 CVE-2009-1250 (The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 1768-1] New openafs packages potential code execution (12.04.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород