Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Glibc | Gnu | 2.1 (including) | 2.1 (including) |
| Glibc | Gnu | 2.1.1 (including) | 2.1.1 (including) |
| Glibc | Gnu | 2.1.2 (including) | 2.1.2 (including) |
| Glibc | Gnu | 2.1.3 (including) | 2.1.3 (including) |
| Glibc | Gnu | 2.2 (including) | 2.2 (including) |
| Glibc | Gnu | 2.2.1 (including) | 2.2.1 (including) |
| Glibc | Gnu | 2.2.2 (including) | 2.2.2 (including) |
| Glibc | Gnu | 2.2.3 (including) | 2.2.3 (including) |
| Glibc | Gnu | 2.2.4 (including) | 2.2.4 (including) |
| Glibc | Gnu | 2.2.5 (including) | 2.2.5 (including) |
| Glibc | Gnu | 2.3 (including) | 2.3 (including) |
| Glibc | Gnu | 2.3.1 (including) | 2.3.1 (including) |
| Glibc | Gnu | 2.3.2 (including) | 2.3.2 (including) |
| Kerberos_5 | Mit | 1.2 (including) | 1.2 (including) |
| Kerberos_5 | Mit | 1.2.1 (including) | 1.2.1 (including) |
| Kerberos_5 | Mit | 1.2.2 (including) | 1.2.2 (including) |
| Kerberos_5 | Mit | 1.2.3 (including) | 1.2.3 (including) |
| Kerberos_5 | Mit | 1.2.4 (including) | 1.2.4 (including) |
| Kerberos_5 | Mit | 1.2.5 (including) | 1.2.5 (including) |
| Kerberos_5 | Mit | 1.2.6 (including) | 1.2.6 (including) |
| Kerberos_5 | Mit | 1.2.7 (including) | 1.2.7 (including) |
| Openafs | Openafs | 1.0 (including) | 1.0 (including) |
| Openafs | Openafs | 1.0.1 (including) | 1.0.1 (including) |
| Openafs | Openafs | 1.0.2 (including) | 1.0.2 (including) |
| Openafs | Openafs | 1.0.3 (including) | 1.0.3 (including) |
| Openafs | Openafs | 1.0.4 (including) | 1.0.4 (including) |
| Openafs | Openafs | 1.0.4a (including) | 1.0.4a (including) |
| Openafs | Openafs | 1.1 (including) | 1.1 (including) |
| Openafs | Openafs | 1.1.1 (including) | 1.1.1 (including) |
| Openafs | Openafs | 1.1.1a (including) | 1.1.1a (including) |
| Openafs | Openafs | 1.2 (including) | 1.2 (including) |
| Openafs | Openafs | 1.2.1 (including) | 1.2.1 (including) |
| Openafs | Openafs | 1.2.2 (including) | 1.2.2 (including) |
| Openafs | Openafs | 1.2.2a (including) | 1.2.2a (including) |
| Openafs | Openafs | 1.2.2b (including) | 1.2.2b (including) |
| Openafs | Openafs | 1.2.3 (including) | 1.2.3 (including) |
| Openafs | Openafs | 1.2.4 (including) | 1.2.4 (including) |
| Openafs | Openafs | 1.2.5 (including) | 1.2.5 (including) |
| Openafs | Openafs | 1.2.6 (including) | 1.2.6 (including) |
| Openafs | Openafs | 1.3 (including) | 1.3 (including) |
| Openafs | Openafs | 1.3.1 (including) | 1.3.1 (including) |
| Openafs | Openafs | 1.3.2 (including) | 1.3.2 (including) |
| Irix | Sgi | 6.5 (including) | 6.5 (including) |
| Irix | Sgi | 6.5.1 (including) | 6.5.1 (including) |
| Irix | Sgi | 6.5.2 (including) | 6.5.2 (including) |
| Irix | Sgi | 6.5.2f (including) | 6.5.2f (including) |
| Irix | Sgi | 6.5.2m (including) | 6.5.2m (including) |
| Irix | Sgi | 6.5.3 (including) | 6.5.3 (including) |
| Irix | Sgi | 6.5.3f (including) | 6.5.3f (including) |
| Irix | Sgi | 6.5.3m (including) | 6.5.3m (including) |
| Irix | Sgi | 6.5.4 (including) | 6.5.4 (including) |
| Irix | Sgi | 6.5.4f (including) | 6.5.4f (including) |
| Irix | Sgi | 6.5.4m (including) | 6.5.4m (including) |
| Irix | Sgi | 6.5.5 (including) | 6.5.5 (including) |
| Irix | Sgi | 6.5.5f (including) | 6.5.5f (including) |
| Irix | Sgi | 6.5.5m (including) | 6.5.5m (including) |
| Irix | Sgi | 6.5.6 (including) | 6.5.6 (including) |
| Irix | Sgi | 6.5.6f (including) | 6.5.6f (including) |
| Irix | Sgi | 6.5.6m (including) | 6.5.6m (including) |
| Irix | Sgi | 6.5.7 (including) | 6.5.7 (including) |
| Irix | Sgi | 6.5.7f (including) | 6.5.7f (including) |
| Irix | Sgi | 6.5.7m (including) | 6.5.7m (including) |
| Irix | Sgi | 6.5.8 (including) | 6.5.8 (including) |
| Irix | Sgi | 6.5.8f (including) | 6.5.8f (including) |
| Irix | Sgi | 6.5.8m (including) | 6.5.8m (including) |
| Irix | Sgi | 6.5.9 (including) | 6.5.9 (including) |
| Irix | Sgi | 6.5.9f (including) | 6.5.9f (including) |
| Irix | Sgi | 6.5.9m (including) | 6.5.9m (including) |
| Irix | Sgi | 6.5.10 (including) | 6.5.10 (including) |
| Irix | Sgi | 6.5.10f (including) | 6.5.10f (including) |
| Irix | Sgi | 6.5.10m (including) | 6.5.10m (including) |
| Irix | Sgi | 6.5.11 (including) | 6.5.11 (including) |
| Irix | Sgi | 6.5.11f (including) | 6.5.11f (including) |
| Irix | Sgi | 6.5.11m (including) | 6.5.11m (including) |
| Irix | Sgi | 6.5.12 (including) | 6.5.12 (including) |
| Irix | Sgi | 6.5.12f (including) | 6.5.12f (including) |
| Irix | Sgi | 6.5.12m (including) | 6.5.12m (including) |
| Irix | Sgi | 6.5.13 (including) | 6.5.13 (including) |
| Irix | Sgi | 6.5.13f (including) | 6.5.13f (including) |
| Irix | Sgi | 6.5.13m (including) | 6.5.13m (including) |
| Irix | Sgi | 6.5.14 (including) | 6.5.14 (including) |
| Irix | Sgi | 6.5.14f (including) | 6.5.14f (including) |
| Irix | Sgi | 6.5.14m (including) | 6.5.14m (including) |
| Irix | Sgi | 6.5.15 (including) | 6.5.15 (including) |
| Irix | Sgi | 6.5.15f (including) | 6.5.15f (including) |
| Irix | Sgi | 6.5.15m (including) | 6.5.15m (including) |
| Irix | Sgi | 6.5.16 (including) | 6.5.16 (including) |
| Irix | Sgi | 6.5.16f (including) | 6.5.16f (including) |
| Irix | Sgi | 6.5.16m (including) | 6.5.16m (including) |
| Irix | Sgi | 6.5.17 (including) | 6.5.17 (including) |
| Irix | Sgi | 6.5.17f (including) | 6.5.17f (including) |
| Irix | Sgi | 6.5.17m (including) | 6.5.17m (including) |
| Irix | Sgi | 6.5.18 (including) | 6.5.18 (including) |
| Irix | Sgi | 6.5.18f (including) | 6.5.18f (including) |
| Irix | Sgi | 6.5.18m (including) | 6.5.18m (including) |
| Irix | Sgi | 6.5.19 (including) | 6.5.19 (including) |
| Irix | Sgi | 6.5.20 (including) | 6.5.20 (including) |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Linux 6.2 | RedHat | * | |
| Red Hat Linux 6.2 | RedHat | * | |
| Red Hat Linux 7.0 | RedHat | * | |
| Red Hat Linux 7.0 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * | |
| Red Hat Linux 9 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * |
References
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html
- http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2
- http://www.cert.org/advisories/CA-2003-10.html
- http://www.debian.org/security/2003/dsa-266
- http://www.debian.org/security/2003/dsa-272
- http://www.debian.org/security/2003/dsa-282
- http://www.eeye.com/html/Research/Advisories/AD20030318.html
- http://www.kb.cert.org/vuls/id/516825
- http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
- http://www.novell.com/linux/security/advisories/2003_027_glibc.html
- http://www.redhat.com/support/errata/RHSA-2003-051.html
- http://www.redhat.com/support/errata/RHSA-2003-052.html
- http://www.redhat.com/support/errata/RHSA-2003-089.html
- http://www.redhat.com/support/errata/RHSA-2003-091.html
- http://www.securityfocus.com/archive/1/315638/30/25430/threaded
- http://www.securityfocus.com/archive/1/316931/30/25250/threaded
- http://www.securityfocus.com/archive/1/316960/30/25250/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230
- https://security.netapp.com/advisory/ntap-20150122-0002/
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html
- http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2
- http://www.cert.org/advisories/CA-2003-10.html
- http://www.debian.org/security/2003/dsa-266
- http://www.debian.org/security/2003/dsa-272
- http://www.debian.org/security/2003/dsa-282
- http://www.eeye.com/html/Research/Advisories/AD20030318.html
- http://www.kb.cert.org/vuls/id/516825
- http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
- http://www.novell.com/linux/security/advisories/2003_027_glibc.html
- http://www.redhat.com/support/errata/RHSA-2003-051.html
- http://www.redhat.com/support/errata/RHSA-2003-052.html
- http://www.redhat.com/support/errata/RHSA-2003-089.html
- http://www.redhat.com/support/errata/RHSA-2003-091.html
- http://www.securityfocus.com/archive/1/315638/30/25430/threaded
- http://www.securityfocus.com/archive/1/316931/30/25250/threaded
- http://www.securityfocus.com/archive/1/316960/30/25250/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230
- https://security.netapp.com/advisory/ntap-20150122-0002/