Download
| Alert*
CVE-2015-3285
The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command. CVE-2015-3284 pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands. CVE-2015-3283 OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors. CVE-2015-3282 vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network. CVE-2015-6587 The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC. |