Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-7763

Опубликовано: 06 нояб. 2015
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openafs:openafs:1.5.75:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.5.76:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.5.77:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.5.78:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.7:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.9:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.10:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.11:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.12:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.13:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.6.14:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.8:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.10:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.11:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.12:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.13:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.14:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.15:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.16:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.17:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.18:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.19:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.20:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.21:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.22:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.23:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.24:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.25:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.26:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.27:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.28:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.29:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.30:*:*:*:*:*:*:*
cpe:2.3:a:openafs:openafs:1.7.31:*:*:*:*:*:*:*

EPSS

Процентиль: 64%
0.00472
Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2015-7763

ubuntu
больше 10 лет назад

rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.

debian логотип

CVE-2015-7763

debian
больше 10 лет назад

rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7 ...

github логотип

GHSA-jfjc-3x9j-qg99

github
больше 3 лет назад

rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.

EPSS

Процентиль: 64%
0.00472
Низкий

5 Medium

CVSS2

Дефекты

CWE-200