ID CVE-2002-0391
Summary Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
References
Vulnerable Configurations
  • cpe:2.3:o:freebsd:freebsd:*:release_p5:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 30-10-2018 - 16:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector NETWORK
  • Complexity LOW
  • Authentication NONE
Impact
  • Confidentiality COMPLETE
  • Integrity COMPLETE
  • Availability COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2010-09-20T04:00:23.326-04:00
    class vulnerability
    contributors
    • name David Proulx
      organization The MITRE Corporation
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    description Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
    family unix
    id oval:org.mitre.oval:def:42
    status accepted
    submitted 2003-01-02T12:00:00.000-04:00
    title Solaris 7 RPC xdr_array Buffer Overflow
    version 33
  • accepted 2006-09-27T12:29:27.565-04:00
    class vulnerability
    contributors
    • name Brian Soby
      organization The MITRE Corporation
    • name Matthew Wojcik
      organization The MITRE Corporation
    description Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
    family unix
    id oval:org.mitre.oval:def:4728
    status accepted
    submitted 2005-01-19T12:00:00.000-04:00
    title SunRPC xdr_array Function Integer Overflow
    version 31
  • accepted 2010-09-20T04:00:45.613-04:00
    class vulnerability
    contributors
    • name David Proulx
      organization The MITRE Corporation
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    description Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
    family unix
    id oval:org.mitre.oval:def:9
    status accepted
    submitted 2003-01-28T12:00:00.000-04:00
    title Solaris 8 RPC xdr_array Buffer Overflow
    version 33
redhat via4
advisories
  • rhsa
    id RHSA-2002:166
  • rhsa
    id RHSA-2002:167
  • rhsa
    id RHSA-2002:172
  • rhsa
    id RHSA-2002:173
  • rhsa
    id RHSA-2003:168
  • rhsa
    id RHSA-2003:212
refmap via4
aixapar IY34194
bid 5356
bugtraq
  • 20020731 Remote Buffer Overflow Vulnerability in Sun RPC
  • 20020801 RPC analysis
  • 20020802 MITKRB5-SA-2002-001: Remote root vulnerability in MIT krb5 admin
  • 20020802 kerberos rpc xdr_array
  • 20020803 OpenAFS Security Advisory 2002-001: Remote root vulnerability in OpenAFS servers
  • 20020909 GLSA: glibc
caldera CSSA-2002-055.0
cert CA-2002-25
cert-vn VU#192995
conectiva
  • CLA-2002:515
  • CLA-2002:535
debian
  • DSA-142
  • DSA-143
  • DSA-146
  • DSA-149
  • DSA-333
engarde ESA-20021003-021
freebsd FreeBSD-SA-02:34.rpc
hp
  • HPSBTL0208-061
  • HPSBUX0209-215
iss 20020731 Remote Buffer Overflow Vulnerability in Sun RPC
mandrake MDKSA-2002:057
ms MS02-057
netbsd NetBSD-SA2002-011
sgi
  • 20020801-01-A
  • 20020801-01-P
suse SuSE-SA:2002:031
xf sunrpc-xdr-array-bo(9170)
Last major update 30-10-2018 - 16:26
Published 12-08-2002 - 04:00