Denial of Service Vulnerability in Sun RPC Functionality of Libc Implementations
CVE-2002-1265

Currently unrated

Key Information:

Vendor: Gnu
Status: Glibc; Irix
Vendor: CVE Published:; 12 November 2002

What is CVE-2002-1265?

The Sun RPC functionality across multiple implementations of libc lacks a timeout mechanism for reading data from TCP connections. This design flaw enables remote attackers to exploit the vulnerability, potentially causing the affected system to hang and resulting in a denial of service. Organizations using these libc versions are advised to implement the necessary patches to mitigate this risk.

References

http://www.info.apple.com/usen/security/security_updates....

x_refsource_CONFIRM

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www-1.ibm.com/services/continuity/recover1.nsf/mss...

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2002
Vulnerability Reserved
Nov 4, 2002

Gnu

What is CVE-2002-1265?

References

Timeline