[ MDVSA-2009:099-1 ] openafs

[dude67]

_______________________________________________________________________

Package : openafs
Date : December 8, 2009
Affected: 2008.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in openafs:

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and
1.5.0 through 1.5.58 on Linux allows remote attackers to cause a
denial of service (system crash) via an RX response with a large
error-code value that is interpreted as a pointer and dereferenced,
related to use of the ERR_PTR macro (CVE-2009-1250).

Heap-based buffer overflow in the cache manager in the client in
OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms
allows remote attackers to cause a denial of service (system crash)
or possibly execute arbitrary code via an RX response containing
more data than specified in a request, related to use of XDR arrays
(CVE-2009-1251).

The updated packages have been patched to correct these issues.

Update:

Packages for 2008.0 are being provided due to extended support for
Corporate products.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-1250
http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-1251
_______________________________________________________________________