Lucene search

RedhatCVE-2013-1794

HistoryMar 14, 2013 - 3:13 a.m.

CVE-2013-1794

2013-03-1403:13:37

CWE-119

redhat

web.nvd.nist.gov

cve-2013-1794

buffer overflow

openafs

denial of service

remote authentication

arbitrary code execution

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.049

Percentile

92.8%

JSON

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.

Affected configurations

Nvd

Node

openafsopenafsRange≤1.6.1

openafsopenafsMatch1.5.10

openafsopenafsMatch1.5.11

openafsopenafsMatch1.5.12

openafsopenafsMatch1.5.13

openafsopenafsMatch1.5.14

openafsopenafsMatch1.5.15

openafsopenafsMatch1.5.16

openafsopenafsMatch1.5.17

openafsopenafsMatch1.5.18

openafsopenafsMatch1.5.19

openafsopenafsMatch1.5.20

openafsopenafsMatch1.5.21

openafsopenafsMatch1.5.22

openafsopenafsMatch1.5.23

openafsopenafsMatch1.5.24

openafsopenafsMatch1.5.25

openafsopenafsMatch1.5.26

openafsopenafsMatch1.5.27

openafsopenafsMatch1.5.28

openafsopenafsMatch1.5.29

openafsopenafsMatch1.5.30

openafsopenafsMatch1.5.31

openafsopenafsMatch1.5.32

openafsopenafsMatch1.5.33

openafsopenafsMatch1.5.34

openafsopenafsMatch1.5.35

openafsopenafsMatch1.5.36

openafsopenafsMatch1.5.37

openafsopenafsMatch1.5.38

openafsopenafsMatch1.5.39

openafsopenafsMatch1.5.50

openafsopenafsMatch1.5.51

openafsopenafsMatch1.5.52

openafsopenafsMatch1.5.53

openafsopenafsMatch1.5.54

openafsopenafsMatch1.5.55

openafsopenafsMatch1.5.56

openafsopenafsMatch1.5.57

openafsopenafsMatch1.5.58

openafsopenafsMatch1.5.59

openafsopenafsMatch1.5.60

openafsopenafsMatch1.5.61

openafsopenafsMatch1.5.62

openafsopenafsMatch1.5.63

openafsopenafsMatch1.5.64

openafsopenafsMatch1.5.65

openafsopenafsMatch1.5.66

openafsopenafsMatch1.5.67

openafsopenafsMatch1.5.68

openafsopenafsMatch1.5.69

openafsopenafsMatch1.5.70

openafsopenafsMatch1.5.71

openafsopenafsMatch1.5.72

openafsopenafsMatch1.5.73

openafsopenafsMatch1.5.74

openafsopenafsMatch1.5.75

openafsopenafsMatch1.5.76

openafsopenafsMatch1.5.77

openafsopenafsMatch1.5.78

openafsopenafsMatch1.6.0

VendorProductVersionCPE
openafsopenafs*cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*
openafsopenafs1.5.10cpe:2.3:a:openafs:openafs:1.5.10:*:*:*:*:*:*:*
openafsopenafs1.5.11cpe:2.3:a:openafs:openafs:1.5.11:*:*:*:*:*:*:*
openafsopenafs1.5.12cpe:2.3:a:openafs:openafs:1.5.12:*:*:*:*:*:*:*
openafsopenafs1.5.13cpe:2.3:a:openafs:openafs:1.5.13:*:*:*:*:*:*:*
openafsopenafs1.5.14cpe:2.3:a:openafs:openafs:1.5.14:*:*:*:*:*:*:*
openafsopenafs1.5.15cpe:2.3:a:openafs:openafs:1.5.15:*:*:*:*:*:*:*
openafsopenafs1.5.16cpe:2.3:a:openafs:openafs:1.5.16:*:*:*:*:*:*:*
openafsopenafs1.5.17cpe:2.3:a:openafs:openafs:1.5.17:*:*:*:*:*:*:*
openafsopenafs1.5.18cpe:2.3:a:openafs:openafs:1.5.18:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openafs	openafs	*	cpe:2.3:a:openafs:openafs::::::::
openafs	openafs	1.5.10	cpe:2.3:a:openafs:openafs:1.5.10:::::::*
openafs	openafs	1.5.11	cpe:2.3:a:openafs:openafs:1.5.11:::::::*
openafs	openafs	1.5.12	cpe:2.3:a:openafs:openafs:1.5.12:::::::*
openafs	openafs	1.5.13	cpe:2.3:a:openafs:openafs:1.5.13:::::::*
openafs	openafs	1.5.14	cpe:2.3:a:openafs:openafs:1.5.14:::::::*
openafs	openafs	1.5.15	cpe:2.3:a:openafs:openafs:1.5.15:::::::*
openafs	openafs	1.5.16	cpe:2.3:a:openafs:openafs:1.5.16:::::::*
openafs	openafs	1.5.17	cpe:2.3:a:openafs:openafs:1.5.17:::::::*
openafs	openafs	1.5.18	cpe:2.3:a:openafs:openafs:1.5.18:::::::*