CVE-2002-0391
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2002-0391
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2002-0391.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2002-0391
- Downstream
- Published
- 2002-08-12T04:00:00Z
- Modified
- 2025-09-17T16:00:21Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Integer overflow in xdrarray function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdrarray through RPC services such as rpc.cmsd and dmispd.
- References
-
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc
- ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A
- ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P
- http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823
- http://online.securityfocus.com/advisories/4402
- http://online.securityfocus.com/archive/1/285740
- http://rhn.redhat.com/errata/RHSA-2002-166.html
- http://rhn.redhat.com/errata/RHSA-2002-172.html
- http://www.cert.org/advisories/CA-2002-25.html
- http://www.debian.org/security/2002/dsa-142
- http://www.debian.org/security/2002/dsa-143
- http://www.debian.org/security/2002/dsa-146
- http://www.debian.org/security/2002/dsa-149
- http://www.debian.org/security/2003/dsa-333
- http://www.kb.cert.org/vuls/id/192995
- http://www.linuxsecurity.com/advisories/other_advisory-2399.html
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:057
- http://www.securityfocus.com/bid/5356
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-057
- http://marc.info/?l=bugtraq&m=102813809232532&w=2
- http://marc.info/?l=bugtraq&m=102821785316087&w=2
- http://marc.info/?l=bugtraq&m=102821928418261&w=2
- http://marc.info/?l=bugtraq&m=102831443208382&w=2
- http://marc.info/?l=bugtraq&m=103158632831416&w=2
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt
- http://archives.neohapsis.com/archives/aix/2002-q4/0002.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html
- http://archives.neohapsis.com/archives/hp/2002-q3/0077.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535
- http://www.iss.net/security_center/static/9170.php
- http://www.redhat.com/support/errata/RHSA-2002-167.html
- http://www.redhat.com/support/errata/RHSA-2002-173.html
- http://www.redhat.com/support/errata/RHSA-2003-168.html
- http://www.redhat.com/support/errata/RHSA-2003-212.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A42
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4728
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9