Title: RPCBind / Portmap Malformed RPC Request Denial of Service Vulnerability
Severity: HIGH
Description:
The portmap process maps RPC calls into ports. rpcbind is used to map RPC program numbers to addresses.
A problem in some rpcbind implementations could make it possible for remote users to deny service to legitimate users of rpc dependent services. Malformed RPC requests may cause the portmapper to crash. The nature of this vulnerability suggests that memory corruption is occuring, possibly due to a buffer overflow condition.
This makes it possible for a remote user to exploit the service, and potentially deny rpc dependent service access such as NIS to other users of the system.
One of the conditions has been described by HP as 'random buffer overflows' and is present when the system is under heavy load. It is not known if code execution is possible. Additionally, similar conditions have been reported in rpcbind/portmap implementations for SGI IRIX.
Affected Products:
- HP HP-UX 11.0.0
- HP HP-UX 11.0.0 4
- HP HP-UX 11.11.0
- SGI IRIX 6.5.0
- SGI IRIX 6.5.1
- SGI IRIX 6.5.10
- SGI IRIX 6.5.11 f
- SGI IRIX 6.5.11 m
- SGI IRIX 6.5.12 f
- SGI IRIX 6.5.12 m
- SGI IRIX 6.5.13 f
- SGI IRIX 6.5.13 m
- SGI IRIX 6.5.14 f
- SGI IRIX 6.5.14 m
- SGI IRIX 6.5.15 f
- SGI IRIX 6.5.15 m
- SGI IRIX 6.5.2
- SGI IRIX 6.5.3
- SGI IRIX 6.5.4
- SGI IRIX 6.5.5
- SGI IRIX 6.5.6
- SGI IRIX 6.5.7
- SGI IRIX 6.5.8
- SGI IRIX 6.5.9
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
