First published: Fri Nov 06 2015(Updated: )
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Openafs Openafs | <=1.6.14.1 | |
Openafs Openafs | =1.7.1 | |
Openafs Openafs | =1.7.2 | |
Openafs Openafs | =1.7.3 | |
Openafs Openafs | =1.7.4 | |
Openafs Openafs | =1.7.8 | |
Openafs Openafs | =1.7.10 | |
Openafs Openafs | =1.7.11 | |
Openafs Openafs | =1.7.12 | |
Openafs Openafs | =1.7.13 | |
Openafs Openafs | =1.7.14 | |
Openafs Openafs | =1.7.15 | |
Openafs Openafs | =1.7.16 | |
Openafs Openafs | =1.7.17 | |
Openafs Openafs | =1.7.18 | |
Openafs Openafs | =1.7.19 | |
Openafs Openafs | =1.7.20 | |
Openafs Openafs | =1.7.21 | |
Openafs Openafs | =1.7.22 | |
Openafs Openafs | =1.7.23 | |
Openafs Openafs | =1.7.24 | |
Openafs Openafs | =1.7.25 | |
Openafs Openafs | =1.7.26 | |
Openafs Openafs | =1.7.27 | |
Openafs Openafs | =1.7.28 | |
Openafs Openafs | =1.7.29 | |
Openafs Openafs | =1.7.30 | |
Openafs Openafs | =1.7.31 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.