Check Point Reference: | CPAI-2014-1478 |
Date Published: | 23 Apr 2014 |
Severity: | Critical |
Last Updated: | Sunday 28 February, 2016 |
Source: | OpenAFS OPENAFS-SA-2014-001 |
Industry Reference: | CVE-2014-0159 |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | OpenAFS.org OpenAFS prior to 1.6.7 |
Vulnerability Description | A buffer overflow vulnerability has been reported in OpenAFS, an open source implementation of the Andrew File System. The vulnerability is due to insufficient validation performed on a parameter that's used to allocate memory when processing GetStatistics64 requests.A remote unauthenticated attacker can exploit this vulnerability to send a specially crafted packet to trigger a buffer overflow. Successful attack will result in arbitrary code execution, while an unsuccessful one will lead to a denial of service condition. |
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Web Server Enforcement Violation.
Attack Information: OpenAFS GetStatistics64 RPC Buffer Overflow