CVE-2003-0028

Currently unrated

Key Information:

Vendor: Gnu
Status: Glibc; Irix; Openafs; Kerberos 5
Vendor: CVE Published:; 25 March 2003

Summary

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

References

http://www.linuxsecurity.com/advisories/engarde_advisory-...

vendor-advisoryx_refsource_ENGARDE

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/...

mailing-listx_refsource_VULNWATCH

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRAKE

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 25, 2003
Vulnerability Reserved
Jan 10, 2003