CVE-2015-7763
published 2015-11-06CVE-2015-7763: rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement…
medium5CVSS 3.1
AVNACLAuNCPINAN
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
Affected
53 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openafs | < openafs 1.6.15-1 (bookworm) | openafs 1.6.15-1 (bookworm) |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
| openafs | openafs | — | — |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM