RPC: XDR Integer Overflow

This signature detects attempts to exploit a known vulnerability in the Sun XDR/RPC library. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the logged-in user.

Extended Description

A vulnerability has been discovered in the Sun XDR library. Specifically, an integer overflow has been found in the xdrmem_getbytes() function. As a result, applications that use the vulnerable library call may be prone to denial-of-service attacks. Note that the vulnerable library code has been incorporated into various libraries, including BSD's libc, Glibc, and Sun Microsystems' libnsl.

Affected Products

Freebsd freebsd

Short Name
RPC:XDR-INTEGER-OVERFLOW
Severity
Major
Recommended
False
Recommended Action
Drop
Category
RPC
Keywords
CA-2003-10 CVE-2003-0028 Integer Overflow XDR bid:7123
Release Date
06/05/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Diet_libc

Openafs

Openbsd

Ibm

Gnu

Sun

Hp

Cray

Sgi

Freebsd

Caldera

Mit

CVSS Score

7.5
