Published: 14/03/2013 Updated: 29/08/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Buffer overflow in certain client utilities in OpenAFS prior to 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openafs openafs 1.5.74
openafs openafs 1.5.73
openafs openafs 1.5.76
openafs openafs 1.5.75
openafs openafs 1.5.68
openafs openafs 1.5.67
openafs openafs 1.5.66
openafs openafs 1.5.65
openafs openafs 1.5.57
openafs openafs 1.5.56
openafs openafs 1.5.39
openafs openafs 1.5.38
openafs openafs 1.5.31
openafs openafs 1.5.30
openafs openafs 1.5.22
openafs openafs 1.5.21
openafs openafs 1.5.14
openafs openafs 1.5.13
openafs openafs
openafs openafs 1.6.0
openafs openafs 1.5.72
openafs openafs 1.5.71
openafs openafs 1.5.64
openafs openafs 1.5.63
openafs openafs 1.5.55
openafs openafs 1.5.54
openafs openafs 1.5.37
openafs openafs 1.5.36
openafs openafs 1.5.29
openafs openafs 1.5.28
openafs openafs 1.5.20
openafs openafs 1.5.19
openafs openafs 1.5.12
openafs openafs 1.5.11
openafs openafs 1.5.60
openafs openafs 1.5.59
openafs openafs 1.5.58
openafs openafs 1.5.51
openafs openafs 1.5.50
openafs openafs 1.5.33
openafs openafs 1.5.32
openafs openafs 1.5.25
openafs openafs 1.5.24
openafs openafs 1.5.23
openafs openafs 1.5.16
openafs openafs 1.5.15
openafs openafs 1.5.78
openafs openafs 1.5.77
openafs openafs 1.5.70
openafs openafs 1.5.69
openafs openafs 1.5.62
openafs openafs 1.5.61
openafs openafs 1.5.53
openafs openafs 1.5.52
openafs openafs 1.5.35
openafs openafs 1.5.34
openafs openafs 1.5.27
openafs openafs 1.5.26
openafs openafs 1.5.18
openafs openafs 1.5.17
openafs openafs 1.5.10

Multiple buffer overflows were discovered in OpenAFS, the implementation of the distributed filesystem AFS, which might result in denial of service or the execution of arbitrary code Further information is available at wwwopenafsorg/security For the stable distribution (squeeze), this problem has been fixed in version 14121+dfsg-4+squ ...

CWE-119 http://www.openafs.org/pages/security/OPENAFS-SA-2013-001.txt http://www.securityfocus.com/bid/58299 http://secunia.com/advisories/52480 http://secunia.com/advisories/52342 http://www.debian.org/security/2013/dsa-2638 http://www.mandriva.com/security/advisories?name=MDVSA-2014:244 https://exchange.xforce.ibmcloud.com/vulnerabilities/82582 https://nvd.nist.gov https://www.debian.org/security/./dsa-2638

CVE-2013-1794

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect