QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2002-0391

Back to search

CVE-2002-0391

Published: Apr 2, 2003

Modified: Jan 16, 2025

PUBLISHED

Description

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

VendorProductVersions

n/a

n/a

affected
n/a

References

sunrpc-xdr-array-bo(9170)
vdb-entry
x_refsource_XF
CA-2002-25
third-party-advisory
x_refsource_CERT
HPSBTL0208-061
vendor-advisory
x_refsource_HP
20020909 GLSA: glibc
mailing-list
x_refsource_BUGTRAQ
DSA-146
vendor-advisory
x_refsource_DEBIAN
RHSA-2002:166
vendor-advisory
x_refsource_REDHAT
HPSBUX0209-215
vendor-advisory
x_refsource_HP
DSA-143
vendor-advisory
x_refsource_DEBIAN
CLA-2002:515
vendor-advisory
x_refsource_CONECTIVA
CLA-2002:535
vendor-advisory
x_refsource_CONECTIVA
RHSA-2003:212
vendor-advisory
x_refsource_REDHAT
MS02-057
vendor-advisory
x_refsource_MS
DSA-142
vendor-advisory
x_refsource_DEBIAN
IY34194
vendor-advisory
x_refsource_AIXAPAR
RHSA-2002:167
vendor-advisory
x_refsource_REDHAT
FreeBSD-SA-02:34.rpc
vendor-advisory
x_refsource_FREEBSD
RHSA-2002:173
vendor-advisory
x_refsource_REDHAT
5356
vdb-entry
x_refsource_BID
20020802 kerberos rpc xdr_array
mailing-list
x_refsource_BUGTRAQ
20020801 RPC analysis
mailing-list
x_refsource_BUGTRAQ
VU#192995
third-party-advisory
x_refsource_CERT-VN
RHSA-2002:172
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:4728
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:42
vdb-entry
signature
x_refsource_OVAL
ESA-20021003-021
vendor-advisory
x_refsource_ENGARDE
oval:org.mitre.oval:def:9
vdb-entry
signature
x_refsource_OVAL
MDKSA-2002:057
vendor-advisory
x_refsource_MANDRAKE
DSA-149
vendor-advisory
x_refsource_DEBIAN
DSA-333
vendor-advisory
x_refsource_DEBIAN
RHSA-2003:168
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now