VDB

CISA-2002-0391

CISA-2002-0391 PUBLISHED CVSS 9.8 CRITICAL

Reported by mitre · Published April 2, 2003

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Risk Scores

CVSS 3.1
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
n/an/an/a
n/an/an/a, n/a, n/a

Timeline

  • Apr 2, 2003 CVE Published
  • Jan 16, 2025 CVE Updated
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Security Advisory
  • Mar 17, 2026 Security Advisory
  • Mar 17, 2026 Security Advisory
  • Mar 17, 2026 Security Advisory
  • Mar 17, 2026 Security Advisory

References

…and 18 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›