Computer Security

OpenAFS race conditions
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



OpenAFS race conditions
Published:12.01.2008
Source:BUGTRAQ
SecurityVulns ID:8558
Type:remote
Level:5/10
Description:Race conditions on acquiring and giving back file callbacks.
Affected:OPENAFS : OpenAFS 1.3
 OPENAFS : OpenAFS 1.4
 IMAGEALBUM : ImageAlbum 2.0
CVE:CVE-2007-6599 (Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability (12.01.2008)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru