Launchpad.net

CVE 2002-0391

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

See the

CVE page on Mitre.org for more details.

References

SUSE: SuSE-SA:2002:031
ISS: 20020731 Remote Buffer...
CERT: CA-2002-25
CERT-VN: VU#192995
AIXAPAR: IY34194
CALDERA: CSSA-2002-055.0
CONECTIVA: CLA-2002:515
CONECTIVA: CLA-2002:535
DEBIAN: DSA-142
DEBIAN: DSA-143
DEBIAN: DSA-146
DEBIAN: DSA-149
DEBIAN: DSA-333
ENGARDE: ESA-20021003-021
HP: HPSBTL0208-061
HP: HPSBUX0209-215
MANDRAKE: MDKSA-2002:057
NETBSD: NetBSD-SA2002-011
REDHAT: RHSA-2002:166
REDHAT: RHSA-2003:168
REDHAT: RHSA-2002:172
REDHAT: RHSA-2002:173
REDHAT: RHSA-2002:167
REDHAT: RHSA-2003:212
SGI: 20020801-01-A
BUGTRAQ: 20020803 OpenAFS Secur...
BUGTRAQ: 20020802 kerberos rpc ...
XF: sunrpc-xdr-array-bo(9170)
BID: 5356
BUGTRAQ: 20020731 Remote Buffer...
BUGTRAQ: 20020801 RPC analysis
BUGTRAQ: 20020802 MITKRB5-SA-20...
FREEBSD: FreeBSD-SA-02:34.rpc
BUGTRAQ: 20020909 GLSA: glibc
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:def:9
MS: MS02-057
SGI: 20020801-01-P

Launchpad.net

CVE 2002-0391

Related bugs

References