CVE-2015-7763 – Debian Security Advisory 3387-1

https://notcve.org/view.php?id=CVE-2015-7763

02 Nov 2015 — rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network. rx/rx.c en OpenAFS 1.5.75 hasta la versión 1.5.78, 1.6.x en vesiones anteriores a 1.6.15 y 1.7.x en versiones anteriores a 1.7.33 no inicializa adecuadamente el relleno en el final de un paquete de reconocimiento ... • http://www.debian.org/security/2015/dsa-3387 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •