CVE-2002-0391
CVE-2002-0391
Vexday Risk Score
40Attention
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 58.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
02 Apr 2003Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txtftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.ascftp://patches.sgi.com/support/free/security/advisories/20020801-01-Aftp://patches.sgi.com/support/free/security/advisories/20020801-01-Phttp://archives.neohapsis.com/archives/aix/2002-q4/0002.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-07/0514.htmlhttp://archives.neohapsis.com/archives/hp/2002-q3/0077.htmlhttp://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535http://marc.info/?l=bugtraq&m=102813809232532&w=2http://marc.info/?l=bugtraq&m=102821785316087&w=2