CVE-2002-0391

Source
https://nvd.nist.gov/vuln/detail/CVE-2002-0391
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2002-0391.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2002-0391
Related
Published
2002-08-12T04:00:00Z
Modified
2025-02-14T23:00:20Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Integer overflow in xdrarray function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdrarray through RPC services such as rpc.cmsd and dmispd.

References

Affected packages

Debian:11 / acm

Package

Name
acm
Purl
pkg:deb/debian/acm?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0-10

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / acm

Package

Name
acm
Purl
pkg:deb/debian/acm?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0-10

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / acm

Package

Name
acm
Purl
pkg:deb/debian/acm?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0-10

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / dietlibc

Package

Name
dietlibc
Purl
pkg:deb/debian/dietlibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20-0cvs20020808

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / dietlibc

Package

Name
dietlibc
Purl
pkg:deb/debian/dietlibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20-0cvs20020808

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / dietlibc

Package

Name
dietlibc
Purl
pkg:deb/debian/dietlibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20-0cvs20020808

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / glibc

Package

Name
glibc
Purl
pkg:deb/debian/glibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.5-13

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / glibc

Package

Name
glibc
Purl
pkg:deb/debian/glibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.5-13

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / glibc

Package

Name
glibc
Purl
pkg:deb/debian/glibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.5-13

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / krb5

Package

Name
krb5
Purl
pkg:deb/debian/krb5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.5-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / krb5

Package

Name
krb5
Purl
pkg:deb/debian/krb5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.5-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / krb5

Package

Name
krb5
Purl
pkg:deb/debian/krb5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.5-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / openafs

Package

Name
openafs
Purl
pkg:deb/debian/openafs?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / openafs

Package

Name
openafs
Purl
pkg:deb/debian/openafs?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / openafs

Package

Name
openafs
Purl
pkg:deb/debian/openafs?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}