Launchpad.net

CVE 2015-7763

rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.

Related bugs and status

CVE-2015-7763 (Candidate) is related to these bugs:

Bug #1513461: OPENAFS-SA-2015-007 "Tattletale"

		In	Importance	Status
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu)	High	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Wily)	Undecided	Confirmed
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Trusty)	Undecided	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Xenial)	High	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Precise)	Undecided	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Vivid)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-7763

Related bugs and status

Related bugs

References