OpenAFS for Microsoft Windows Local Denial of Service Vulnerability
BID:23566
Info
OpenAFS for Microsoft Windows Local Denial of Service Vulnerability
| Bugtraq ID: | 23566 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 19 2007 12:00AM |
| Updated: | Apr 19 2007 11:11PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
OpenAFS OpenAFS 1.5.18 OpenAFS OpenAFS 1.5.17 OpenAFS OpenAFS 1.5.16 OpenAFS OpenAFS 1.5.15 OpenAFS OpenAFS 1.5.14 OpenAFS OpenAFS 1.5.13 OpenAFS OpenAFS 1.5.12 OpenAFS OpenAFS 1.5.11 OpenAFS OpenAFS 1.5.10 OpenAFS OpenAFS 1.5.9 OpenAFS OpenAFS 1.5.8 OpenAFS OpenAFS 1.5.7 OpenAFS OpenAFS 1.5.6 OpenAFS OpenAFS 1.5.5 OpenAFS OpenAFS 1.5.4 OpenAFS OpenAFS 1.5.3 OpenAFS OpenAFS 1.5.2 OpenAFS OpenAFS 1.5.1 OpenAFS OpenAFS 1.5 OpenAFS OpenAFS 1.4.4 OpenAFS OpenAFS 1.4.3 OpenAFS OpenAFS 1.4.2 OpenAFS OpenAFS 1.4.1 OpenAFS OpenAFS 1.4 OpenAFS OpenAFS 1.3.81 OpenAFS OpenAFS 1.3.64 |
| Not Vulnerable: |
OpenAFS OpenAFS 1.5.19 |
Discussion
OpenAFS for Microsoft Windows Local Denial of Service Vulnerability
OpenAFS for Microsoft Windows is prone to a local denial-of-service vulnerability because the application fails to properly handle unexpected conditions.
Successfully exploiting this issue allows local attackers to trigger computer crashes. These crashes will occur every time Windows tries to start, creating a prolonged denial-of-service condition.
Versions of OpenAFS prior to 1.5.19 running on Windows are vulnerable.
Note that this issue is present only if MIT Kerberos for Windows is also installed on vulnerable computers.
OpenAFS for Microsoft Windows is prone to a local denial-of-service vulnerability because the application fails to properly handle unexpected conditions.
Successfully exploiting this issue allows local attackers to trigger computer crashes. These crashes will occur every time Windows tries to start, creating a prolonged denial-of-service condition.
Versions of OpenAFS prior to 1.5.19 running on Windows are vulnerable.
Note that this issue is present only if MIT Kerberos for Windows is also installed on vulnerable computers.
Exploit / POC
OpenAFS for Microsoft Windows Local Denial of Service Vulnerability
Attackers use readily available utilities to exploit this issue.
Attackers use readily available utilities to exploit this issue.
Solution / Fix
OpenAFS for Microsoft Windows Local Denial of Service Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
OpenAFS OpenAFS 1.3.64
OpenAFS OpenAFS 1.3.81
OpenAFS OpenAFS 1.4
OpenAFS OpenAFS 1.4.1
OpenAFS OpenAFS 1.4.2
OpenAFS OpenAFS 1.4.3
OpenAFS OpenAFS 1.4.4
OpenAFS OpenAFS 1.5
OpenAFS OpenAFS 1.5.1
OpenAFS OpenAFS 1.5.10
OpenAFS OpenAFS 1.5.11
OpenAFS OpenAFS 1.5.12
OpenAFS OpenAFS 1.5.13
OpenAFS OpenAFS 1.5.14
OpenAFS OpenAFS 1.5.15
OpenAFS OpenAFS 1.5.16
OpenAFS OpenAFS 1.5.17
OpenAFS OpenAFS 1.5.18
OpenAFS OpenAFS 1.5.2
OpenAFS OpenAFS 1.5.3
OpenAFS OpenAFS 1.5.4
OpenAFS OpenAFS 1.5.5
OpenAFS OpenAFS 1.5.6
OpenAFS OpenAFS 1.5.7
OpenAFS OpenAFS 1.5.8
OpenAFS OpenAFS 1.5.9
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
OpenAFS OpenAFS 1.3.64
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.3.81
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.4
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.4.1
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.4.2
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.4.3
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.4.4
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.1
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.10
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.11
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.12
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.13
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.14
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.15
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.16
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.17
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.18
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.2
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.3
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.4
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.5
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.6
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.7
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.8
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
OpenAFS OpenAFS 1.5.9
-
OpenAFS OpenAFSforWindows-1-5-19.exe
http://dl.openafs.org/dl/openafs/1.5.19/winxp/OpenAFSforWindows-1-5-19 .exe
References
OpenAFS for Microsoft Windows Local Denial of Service Vulnerability
References:
References:
- OpenAFS Homepage (OpenAFS)
- OpenAFS Security Advisories (OpenAFS)
- OpenAFS Security Advisory 2007-002 (OpenAFS)