CVE-2015-7763
N/A
N/A
Summary
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.openafs.org/dl/openafs/1.6.15/RELNOTES-1.6.15
- https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt
- https://lists.openafs.org/pipermail/openafs-announce/2015/000493.html
- http://www.securitytracker.com/id/1034039
- http://www.debian.org/security/2015/dsa-3387
References
- https://www.openafs.org/dl/openafs/1.6.15/RELNOTES-1.6.15
- https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt
- https://lists.openafs.org/pipermail/openafs-announce/2015/000493.html
- http://www.securitytracker.com/id/1034039
- http://www.debian.org/security/2015/dsa-3387
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.