CVE-2003-0028

Severity

75%

Complexity

99%

Confidentiality

106%

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported: 2003-03-25 05:00:00 (21 years ago)

Last updated: 2020-01-21 15:45:00 (5 years ago)

Affected Software

GNU glibc 2.1

2.1

GNU glibc 2.1.1

2.1.1

GNU glibc 2.1.2

2.1.2

GNU glibc 2.1.3

2.1.3

GNU glibc 2.2

2.2

GNU glibc 2.2.1

2.2.1

GNU glibc 2.2.2

2.2.2

GNU glibc 2.2.3

2.2.3

GNU glibc 2.2.4

2.2.4

GNU glibc 2.2.5

2.2.5

GNU glibc 2.3

2.3

GNU glibc 2.3.1

2.3.1

GNU glibc 2.3.2

2.3.2

Mit Kerberos 5 1.2

1.2

Mit Kerberos 5 1.2.1

1.2.1

Mit Kerberos 5 1.2.2

1.2.2

Mit Kerberos 5 1.2.3

1.2.3

Mit Kerberos 5 1.2.4

1.2.4

Mit Kerberos 5 1.2.5

1.2.5

Mit Kerberos 5 1.2.6

1.2.6

Mit Kerberos 5 1.2.7

1.2.7

OpenAFS 1.0

1.0

OpenAFS 1.0.1

1.0.1

OpenAFS 1.0.2

1.0.2

OpenAFS 1.0.3

1.0.3

OpenAFS 1.0.4

1.0.4

OpenAFS 1.0.4a

1.0.4a

OpenAFS 1.1

1.1

OpenAFS 1.1.1

1.1.1

OpenAFS 1.1.1a

1.1.1a

OpenAFS 1.2

1.2

OpenAFS 1.2.1

1.2.1

OpenAFS 1.2.2

1.2.2

OpenAFS 1.2.2a

1.2.2a

OpenAFS 1.2.2b

1.2.2b

OpenAFS 1.2.3

1.2.3

OpenAFS 1.2.4

1.2.4

OpenAFS 1.2.5

1.2.5

OpenAFS 1.2.6

1.2.6

OpenAFS 1.3

1.3

OpenAFS 1.3.1

1.3.1

OpenAFS 1.3.2

1.3.2

SGI IRIX 6.5

6.5

SGI IRIX 6.5.1

6.5.1

SGI IRIX 6.5.2

6.5.2

SGI IRIX 6.5.2f

6.5.2f

SGI IRIX 6.5.2m

6.5.2m

SGI IRIX 6.5.3

6.5.3

SGI IRIX 6.5.3f

6.5.3f

SGI IRIX 6.5.3m

6.5.3m

SGI IRIX 6.5.4

6.5.4

SGI IRIX 6.5.4f

6.5.4f

SGI IRIX 6.5.4m

6.5.4m

SGI IRIX 6.5.5

6.5.5

SGI IRIX 6.5.5f

6.5.5f

SGI IRIX 6.5.5m

6.5.5m

SGI IRIX 6.5.6

6.5.6

SGI IRIX 6.5.6f

6.5.6f

SGI IRIX 6.5.6m

6.5.6m

SGI IRIX 6.5.7

6.5.7

SGI IRIX 6.5.7f

6.5.7f

SGI IRIX 6.5.7m

6.5.7m

SGI IRIX 6.5.8

6.5.8

SGI IRIX 6.5.8f

6.5.8f

SGI IRIX 6.5.8m

6.5.8m

SGI IRIX 6.5.9

6.5.9

SGI IRIX 6.5.9f

6.5.9f

SGI IRIX 6.5.9m

6.5.9m

SGI IRIX 6.5.10

6.5.10

SGI IRIX 6.5.10f

6.5.10f

SGI IRIX 6.5.10m

6.5.10m

SGI IRIX 6.5.11

6.5.11

SGI IRIX 6.5.11f

6.5.11f

SGI IRIX 6.5.11m

6.5.11m

SGI IRIX 6.5.12

6.5.12

SGI IRIX 6.5.12f

6.5.12f

SGI IRIX 6.5.12m

6.5.12m

SGI IRIX 6.5.13

6.5.13

SGI IRIX 6.5.13f

6.5.13f

SGI IRIX 6.5.13m

6.5.13m

SGI IRIX 6.5.14

6.5.14

SGI IRIX 6.5.14f

6.5.14f

SGI IRIX 6.5.14m

6.5.14m

SGI IRIX 6.5.15

6.5.15

SGI IRIX 6.5.15f

6.5.15f

SGI IRIX 6.5.15m

6.5.15m

SGI IRIX 6.5.16

6.5.16

SGI IRIX 6.5.16f

6.5.16f

SGI IRIX 6.5.16m

6.5.16m

SGI IRIX 6.5.17

6.5.17

SGI IRIX 6.5.17f

6.5.17f

SGI IRIX 6.5.17m

6.5.17m

SGI IRIX 6.5.18

6.5.18

SGI IRIX 6.5.18f

6.5.18f

SGI IRIX 6.5.18m

6.5.18m

SGI IRIX 6.5.19

6.5.19

SGI IRIX 6.5.20

6.5.20

Cray UNICOS 6.0

6.0

Cray UNICOS 6.0E

6.0e

Cray UNICOS 6.1

6.1

Cray UNICOS 7.0

7.0

Cray UNICOS 8.0

8.0

Cray UNICOS 8.3

8.3

Cray UNICOS 9.0

9.0

Cray UNICOS 9.0.2.5

9.0.2.5

Cray UNICOS 9.2

9.2

Cray UNICOS 9.2.4

9.2.4

FreeBSD 4.0

4.0

FreeBSD 4.1

4.1

FreeBSD 4.1.1

4.1.1

FreeBSD 4.2

4.2

FreeBSD 4.3

4.3

FreeBSD 4.4

4.4

FreeBSD 4.5

4.5

FreeBSD 4.6

4.6

FreeBSD 4.6.2

4.6.2

FreeBSD 4.7

4.7

FreeBSD 5.0

5.0

HP HP-UX 10.20

10.20

HP HP-UX 10.24

10.24

HP-UX 11.00

11.00

HP HP-UX 11.04

11.04

HP-UX 11.11

11.11

HP-UX 11i v1.5

11.20

HP-UX 11i v1.6

11.22

HP hp-ux series 700 10.20

10.20

HP hp-ux series 800 10.20

10.20

IBM AIX 4.3.3

4.3.3

IBM AIX 5.1

5.1

IBM AIX 5.2

5.2

OpenBSD 2.0

2.0

OpenBSD 2.1

2.1

OpenBSD 2.2

2.2

OpenBSD 2.3

2.3

OpenBSD 2.4

2.4

OpenBSD 2.5

2.5

OpenBSD 2.6

2.6

OpenBSD 2.7

2.7

OpenBSD 2.8

2.8

OpenBSD 2.9

2.9

OpenBSD 3.0

3.0

OpenBSD 3.1

3.1

OpenBSD 3.2

3.2

Sun Solaris 2.6

2.6

Sun SunOS (formerly Solaris)

Sun Microsystems Solaris 2.5.1

5.5.1

Sun Microsystems Solaris 7

5.7

Sun SunOS (Solaris 8) 5.8

5.8
