Your submission was sent successfully! Close

CVE-2015-6587

Published: 02 September 2015

The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

Priority

Medium

Status

Package Release Status
openafs
Launchpad, Ubuntu, Debian
Upstream
Released (1.6.13-1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1.6.14-1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.6.7-1ubuntu1.1])