[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1458 openafs -- programming error

ID: oval:org.mitre.oval:def:7881Date: (C)2009-12-15   (M)2021-09-30
Class: PATCHFamily: unix




A race condition in the OpenAFS fileserver allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock. For the old stable distribution (sarge), this problem has been fixed in version 1.3.81-3sarge3. For the stable distribution (etch), this problem has been fixed in version 1.4.2-6etch1. We recommend that you upgrade your openafs packages.

Platform:
Debian 4.0
Debian 3.1
Product:
openafs
Reference:
DSA-1458
CVE-2007-6599
CVE    1
CVE-2007-6599
CPE    2
cpe:/o:debian:debian_linux:4.x
cpe:/o:debian:debian_linux:3.1

© SecPod Technologies