1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
Candidate: CVE-2015-6587
PublicDate: 2015-09-02
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587
http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt
Description:
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to
cause a denial of service (out-of-bounds read and crash) via a crafted
regular expression in a VL_ListAttributesN2 RPC.
Ubuntu-Description:
Notes:
mdeslaur> dupe of CVE-2015-3287
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_openafs:
upstream_openafs: released (1.6.13-1)
precise_openafs: released (1.6.1-1+ubuntu0.6)
trusty_openafs: released (1.6.7-1ubuntu1.1)
vivid_openafs: ignored (reached end-of-life)
vivid/stable-phone-overlay_openafs: DNE
vivid/ubuntu-core_openafs: DNE
wily_openafs: not-affected (1.6.14-1)
devel_openafs: not-affected (1.6.14-1)
|