← voltar
CVE-2015-7763

CVE-2015-7763

EPSS 2.1%
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://lists.openafs.org/pipermail/openafs-announce/2015/000493.htmlhttps://www.openafs.org/dl/openafs/1.6.15/RELNOTES-1.6.15https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txthttp://www.debian.org/security/2015/dsa-3387http://www.securitytracker.com/id/1034039