CVE-2015-3282

Published: Aug 12, 2015Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network.

Affected (1)

Products: Openafs: Openafs

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openafs Openafs	Up to 1.6.12

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://www.debian.org/security/2015/dsa-3320

Source: secalert@redhat.com

http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt

Source: secalert@redhat.com

Vendor Advisory

http://www.securitytracker.com/id/1033262

Source: secalert@redhat.com

https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html

Source: secalert@redhat.com

Vendor Advisory

https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13

Source: secalert@redhat.com

Vendor Advisory

http://www.debian.org/security/2015/dsa-3320

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1033262

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.