CVE 2013-1794
Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.
Related bugs and status
CVE-2013-1794 (Candidate) is related to these bugs:
Bug #1145560: OpenAFS Security Advisories 2013-001 and 2013-002
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu) | High | Fix Released | ||
1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Hardy) | High | Invalid | ||
1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Lucid) | High | Fix Released | ||
1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Quantal) | High | Fix Released | ||
1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Precise) | High | Fix Released | ||
1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Oneiric) | High | Invalid |
Bug #1204195: OpenAFS Security Advisories 2013-0003 and 2013-0004
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu) | Critical | Fix Released | ||
1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Precise) | Critical | Fix Released | ||
1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Quantal) | Critical | Fix Released | ||
1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Saucy) | Critical | Fix Released | ||
1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Raring) | Critical | Fix Released | ||
1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Lucid) | Critical | Fix Released |
See the
CVE page on Mitre.org
for more details.