Candidate: CVE-2013-1794
PublicDate: 2013-03-14 03:13:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1794
 http://www.openafs.org/security
Description:
 Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows
 remote authenticated users to cause a denial of service (crash) and
 possibly execute arbitrary code via a long fileserver ACL entry.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1145560
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_openafs:
 upstream: http://www.openafs.org/pages/security/openafs-sa-2013-001.patch (1.6)
 upstream: http://www.openafs.org/pages/security/openafs-sa-2013-001-1_4_14_1.patch (1.4.14)
upstream_openafs: released (1.6.1-3)
hardy_openafs: ignored (reached end-of-life)
lucid_openafs: released (1.4.12+dfsg-3+ubuntu0.2)
oneiric_openafs: ignored (reached end-of-life)
precise_openafs: released (1.6.1-1+ubuntu0.2)
quantal_openafs: released (1.6.1-2+ubuntu2.1)
raring_openafs: not-affected (1.6.2~pre2-2)
devel_openafs: not-affected (1.6.2~pre2-2)