PORTMAPPER: Rpcbind XDR Parsing Memory Exhaustion Denial of Service
This signature detects attempts to exploit a known vulnerability in rpcbind, within its associated library libtirpc. Successful exploitation could cause excessive resource consumption on the target system, leading to a denial-of-service condition.
Extended Description
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.
Affected Products
Libtirpc_project libtirpc
Short Name
PORTMAPPER:RPCBIND-XDR-DOS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
PORTMAPPER
Keywords
CVE-2017-8779 Denial Exhaustion Memory Parsing Rpcbind Service XDR bid:98325 of
Release Date
08/23/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Rpcbind_project
Libtirpc_project
Ntirpc_project
CVSS Score
7.8