Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1795

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-1795
Last Modified 23 Mar 2015 09:59:42
Published 13 Mar 2013 11:13:40
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-1795

Summary

Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Openafs 1.5.10

  • Openafs 1.5.11

  • Openafs 1.5.12

  • Openafs 1.5.13

  • Openafs 1.5.14

  • Openafs 1.5.15

  • Openafs 1.5.16

  • Openafs 1.5.17

  • Openafs 1.5.18

  • Openafs 1.5.19

  • Openafs 1.5.20

  • Openafs 1.5.21

  • Openafs 1.5.22

  • Openafs 1.5.23

  • Openafs 1.5.24

  • Openafs 1.5.25

  • Openafs 1.5.26

  • Openafs 1.5.27

  • Openafs 1.5.28

  • Openafs 1.5.29

  • Openafs 1.5.30

  • Openafs 1.5.31

  • Openafs 1.5.32

  • Openafs 1.5.33

  • Openafs 1.5.34

  • Openafs 1.5.35

  • Openafs 1.5.36

  • Openafs 1.5.37

  • Openafs 1.5.38

  • Openafs 1.5.39

  • Openafs 1.5.50

  • Openafs 1.5.51

  • Openafs 1.5.52

  • Openafs 1.5.53

  • Openafs 1.5.54

  • Openafs 1.5.55

  • Openafs 1.5.56

  • Openafs 1.5.57

  • Openafs 1.5.58

  • Openafs 1.5.59

  • Openafs 1.5.60

  • Openafs 1.5.61

  • Openafs 1.5.62

  • Openafs 1.5.63

  • Openafs 1.5.64

  • Openafs 1.5.65

  • Openafs 1.5.66

  • Openafs 1.5.67

  • Openafs 1.5.68

  • Openafs 1.5.69

  • Openafs 1.5.70

  • Openafs 1.5.71

  • Openafs 1.5.72

  • Openafs 1.5.73

  • Openafs 1.5.74

  • Openafs 1.5.75

  • Openafs 1.5.76

  • Openafs 1.5.77

  • Openafs 1.5.78

  • Openafs 1.6.0

  • Openafs 1.6.1


References

XF - openafs-ptserver-overflow(82585)

BID - 58300

CONFIRM - http://www.openafs.org/pages/security/OPENAFS-SA-2013-002.txt

DEBIAN - DSA-2638

SECUNIA - 52480

SECUNIA - 52342

MANDRIVA - MDVSA-2014:244


Last Updated: 27 May 2016 11:02:04