Lucene search

RedhatCVE-2013-1795

HistoryMar 14, 2013 - 3:13 a.m.

CVE-2013-1795

2013-03-1403:13:40

CWE-189

redhat

web.nvd.nist.gov

cve-2013-1795

openafs

integer overflow

denial of service

heap-based buffer overflow

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.041

Percentile

92.2%

JSON

Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.

Affected configurations

Nvd

Node

openafsopenafsRange≤1.6.1

openafsopenafsMatch1.5.10

openafsopenafsMatch1.5.11

openafsopenafsMatch1.5.12

openafsopenafsMatch1.5.13

openafsopenafsMatch1.5.14

openafsopenafsMatch1.5.15

openafsopenafsMatch1.5.16

openafsopenafsMatch1.5.17

openafsopenafsMatch1.5.18

openafsopenafsMatch1.5.19

openafsopenafsMatch1.5.20

openafsopenafsMatch1.5.21

openafsopenafsMatch1.5.22

openafsopenafsMatch1.5.23

openafsopenafsMatch1.5.24

openafsopenafsMatch1.5.25

openafsopenafsMatch1.5.26

openafsopenafsMatch1.5.27

openafsopenafsMatch1.5.28

openafsopenafsMatch1.5.29

openafsopenafsMatch1.5.30

openafsopenafsMatch1.5.31

openafsopenafsMatch1.5.32

openafsopenafsMatch1.5.33

openafsopenafsMatch1.5.34

openafsopenafsMatch1.5.35

openafsopenafsMatch1.5.36

openafsopenafsMatch1.5.37

openafsopenafsMatch1.5.38

openafsopenafsMatch1.5.39

openafsopenafsMatch1.5.50

openafsopenafsMatch1.5.51

openafsopenafsMatch1.5.52

openafsopenafsMatch1.5.53

openafsopenafsMatch1.5.54

openafsopenafsMatch1.5.55

openafsopenafsMatch1.5.56

openafsopenafsMatch1.5.57

openafsopenafsMatch1.5.58

openafsopenafsMatch1.5.59

openafsopenafsMatch1.5.60

openafsopenafsMatch1.5.61

openafsopenafsMatch1.5.62

openafsopenafsMatch1.5.63

openafsopenafsMatch1.5.64

openafsopenafsMatch1.5.65

openafsopenafsMatch1.5.66

openafsopenafsMatch1.5.67

openafsopenafsMatch1.5.68

openafsopenafsMatch1.5.69

openafsopenafsMatch1.5.70

openafsopenafsMatch1.5.71

openafsopenafsMatch1.5.72

openafsopenafsMatch1.5.73

openafsopenafsMatch1.5.74

openafsopenafsMatch1.5.75

openafsopenafsMatch1.5.76

openafsopenafsMatch1.5.77

openafsopenafsMatch1.5.78

openafsopenafsMatch1.6.0

VendorProductVersionCPE
openafsopenafs*cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*
openafsopenafs1.5.10cpe:2.3:a:openafs:openafs:1.5.10:*:*:*:*:*:*:*
openafsopenafs1.5.11cpe:2.3:a:openafs:openafs:1.5.11:*:*:*:*:*:*:*
openafsopenafs1.5.12cpe:2.3:a:openafs:openafs:1.5.12:*:*:*:*:*:*:*
openafsopenafs1.5.13cpe:2.3:a:openafs:openafs:1.5.13:*:*:*:*:*:*:*
openafsopenafs1.5.14cpe:2.3:a:openafs:openafs:1.5.14:*:*:*:*:*:*:*
openafsopenafs1.5.15cpe:2.3:a:openafs:openafs:1.5.15:*:*:*:*:*:*:*
openafsopenafs1.5.16cpe:2.3:a:openafs:openafs:1.5.16:*:*:*:*:*:*:*
openafsopenafs1.5.17cpe:2.3:a:openafs:openafs:1.5.17:*:*:*:*:*:*:*
openafsopenafs1.5.18cpe:2.3:a:openafs:openafs:1.5.18:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openafs	openafs	*	cpe:2.3:a:openafs:openafs::::::::
openafs	openafs	1.5.10	cpe:2.3:a:openafs:openafs:1.5.10:::::::*
openafs	openafs	1.5.11	cpe:2.3:a:openafs:openafs:1.5.11:::::::*
openafs	openafs	1.5.12	cpe:2.3:a:openafs:openafs:1.5.12:::::::*
openafs	openafs	1.5.13	cpe:2.3:a:openafs:openafs:1.5.13:::::::*
openafs	openafs	1.5.14	cpe:2.3:a:openafs:openafs:1.5.14:::::::*
openafs	openafs	1.5.15	cpe:2.3:a:openafs:openafs:1.5.15:::::::*
openafs	openafs	1.5.16	cpe:2.3:a:openafs:openafs:1.5.16:::::::*
openafs	openafs	1.5.17	cpe:2.3:a:openafs:openafs:1.5.17:::::::*
openafs	openafs	1.5.18	cpe:2.3:a:openafs:openafs:1.5.18:::::::*