CVE-2014-2852
OpenAFS < 1.6.7 - Denial of Service via Invalid RXS_CheckResponse Packet
Title source: llmDescription
OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet.
References (2)
Core 2
Core References
Various Sources x_refsource_confirm
http://www.openafs.org/frameset/dl/openafs/1.6.7/ChangeLog
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-2899
Scores
EPSS
0.0129
EPSS Percentile
66.8%
Details
CWE
CWE-20
Status
published
Products (10)
openafs/openafs
1.6.0
openafs/openafs
1.6.1
openafs/openafs
1.6.2
openafs/openafs
1.6.2.1
openafs/openafs
1.6.3
openafs/openafs
1.6.4
openafs/openafs
1.6.5
openafs/openafs
1.6.5.1
openafs/openafs
1.6.5.2
openafs/openafs
< 1.6.6
Published
Apr 14, 2014
Tracked Since
Feb 18, 2026