VDB
CISA-2002-0391
CISA-2002-0391
PUBLISHED
CVSS 9.8 CRITICAL
Reported by mitre · Published April 2, 2003
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
Risk Scores
CVSS 3.1
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Apr 2, 2003 CVE Published
- Jan 16, 2025 CVE Updated
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Security Advisory
- Mar 17, 2026 Security Advisory
- Mar 17, 2026 Security Advisory
- Mar 17, 2026 Security Advisory
- Mar 17, 2026 Security Advisory
References
- sunrpc-xdr-array-bo(9170) vdb-entryx_refsource_XF
- 20020801-01-A vendor-advisoryx_refsource_SGI
- CA-2002-25 third-party-advisoryx_refsource_CERT
- HPSBTL0208-061 vendor-advisoryx_refsource_HP
- 20020909 GLSA: glibc mailing-listx_refsource_BUGTRAQ
- DSA-146 vendor-advisoryx_refsource_DEBIAN
- RHSA-2002:166 vendor-advisoryx_refsource_REDHAT
- HPSBUX0209-215 vendor-advisoryx_refsource_HP
- CSSA-2002-055.0 vendor-advisoryx_refsource_CALDERA
- DSA-143 vendor-advisoryx_refsource_DEBIAN
- 20020731 Remote Buffer Overflow Vulnerability in Sun RPC third-party-advisoryx_refsource_ISS
- 20020801-01-P vendor-advisoryx_refsource_SGI
- CLA-2002:515 vendor-advisoryx_refsource_CONECTIVA
- CLA-2002:535 vendor-advisoryx_refsource_CONECTIVA
- RHSA-2003:212 vendor-advisoryx_refsource_REDHAT
- MS02-057 vendor-advisoryx_refsource_MS
- DSA-142 vendor-advisoryx_refsource_DEBIAN
- NetBSD-SA2002-011 vendor-advisoryx_refsource_NETBSD
- IY34194 vendor-advisoryx_refsource_AIXAPAR
- RHSA-2002:167 vendor-advisoryx_refsource_REDHAT
…and 18 more