CVE 2013-1795
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.
Related bugs and status
CVE-2013-1795 (Candidate) is related to these bugs:
Bug #1145560: OpenAFS Security Advisories 2013-001 and 2013-002
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu) | High | Fix Released | ||
| 1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Hardy) | High | Invalid | ||
| 1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Lucid) | High | Fix Released | ||
| 1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Quantal) | High | Fix Released | ||
| 1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Precise) | High | Fix Released | ||
| 1145560 | OpenAFS Security Advisories 2013-001 and 2013-002 | openafs (Ubuntu Oneiric) | High | Invalid | ||
Bug #1204195: OpenAFS Security Advisories 2013-0003 and 2013-0004
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu) | Critical | Fix Released | ||
| 1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Precise) | Critical | Fix Released | ||
| 1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Quantal) | Critical | Fix Released | ||
| 1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Saucy) | Critical | Fix Released | ||
| 1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Raring) | Critical | Fix Released | ||
| 1204195 | OpenAFS Security Advisories 2013-0003 and 2013-0004 | openafs (Ubuntu Lucid) | Critical | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
