CVE-2015-3282

Published: 12 August 2015

vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network.

Priority

Medium

Status

Package Release Status
openafs
Launchpad, Ubuntu, Debian
Upstream
Released (1.6.13)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1.6.15-1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.6.7-1ubuntu1.1])
Patches:
Upstream: http://www.openafs.org/pages/security/openafs-sa-2015-001.patch