Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA142] DSA-142-1 openafs Vulnerability Scan

Vulnerability Scan Summary
DSA-142-1 openafs

Detailed Explanation for this Vulnerability Test

An integer overflow bug has been discovered in the RPC library used by
the OpenAFS database server, which is derived from the SunRPC library.
This bug could be exploited to crash certain OpenAFS servers
(volserver, vlserver, ptserver, buserver) or to obtain unauthorized
root access to a host running one of these processes. No exploits are
known to exist yet.
This problem has been fixed in version 1.2.3final2-6 for the current
stable distribution (woody) and in version 1.2.6-1 for the unstable
distribution (sid). Debian 2.2 (potato) is not affected since it
doesn't contain OpenAFS packages.
OpenAFS is only available for the architectures alpha, i386, powerpc,
s390, sparc. Hence, we only provide fixed packages for these
We recommend that you upgrade your openafs packages.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.