Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenAFS Unix缓存管理器堆溢出漏洞
Vulnerability Description
OpenAFS是一套分布式文件系统,它允许系统之间通过局域网和广域网来分享档案和资源。 OpenAFS的XDR数据封送语言允许创建大小受接口定义限制的数组,XDR解码语言接收服务器所发送的最大为这个定义大小的数据,在某些情况下这些数据被存储到了客户端所分配的缓冲区。 在某些位置AFS客户端假设服务器所返回的数据不会大于所请求的数据,因此所分配的缓冲区比上述的最大值要小。尽管在与有效客户端通讯时这不会导致问题,但如果攻击者伪造了文件服务器的相应或用户受骗访问了受控的文件服务器,就可能返回比预期更大的数据,溢
CVSS Information
N/A
Vulnerability Type
N/A