Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2003-0028
Description:Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
Test IDs: 1.3.6.1.4.1.25623.1.0.53343   1.3.6.1.4.1.25623.1.0.51416   1.3.6.1.4.1.25623.1.0.11420   1.3.6.1.4.1.25623.1.0.53592   1.3.6.1.4.1.25623.1.0.54101   1.3.6.1.4.1.25623.1.0.50998   1.3.6.1.4.1.25623.1.0.50698  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2003-0028
Bugtraq: 20030319 EEYE: XDR Integer Overflow (Google Search)
http://marc.info/?l=bugtraq&m=104810574423662&w=2
Bugtraq: 20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes (Google Search)
http://marc.info/?l=bugtraq&m=104811415301340&w=2
Bugtraq: 20030319 RE: EEYE: XDR Integer Overflow (Google Search)
http://www.securityfocus.com/archive/1/315638/30/25430/threaded
Bugtraq: 20030325 GLSA: glibc (200303-22) (Google Search)
http://marc.info/?l=bugtraq&m=104860855114117&w=2
Bugtraq: 20030331 GLSA: dietlibc (200303-29) (Google Search)
http://www.securityfocus.com/archive/1/316931/30/25250/threaded
Bugtraq: 20030331 GLSA: krb5 & mit-krb5 (200303-28) (Google Search)
http://www.securityfocus.com/archive/1/316960/30/25250/threaded
Bugtraq: 20030522 [slackware-security] glibc XDR overflow fix (SSA:2003-141-03) (Google Search)
http://marc.info/?l=bugtraq&m=105362148313082&w=2
Caldera Security Advisory: CSSA-2003-013.0
Cert/CC Advisory: CA-2003-10
http://www.cert.org/advisories/CA-2003-10.html
CERT/CC vulnerability note: VU#516825
http://www.kb.cert.org/vuls/id/516825
Debian Security Information: DSA-266 (Google Search)
http://www.debian.org/security/2003/dsa-266
Debian Security Information: DSA-272 (Google Search)
http://www.debian.org/security/2003/dsa-272
Debian Security Information: DSA-282 (Google Search)
http://www.debian.org/security/2003/dsa-282
eEye Security Advisory: AD20030318
http://www.eeye.com/html/Research/Advisories/AD20030318.html
En Garde Linux Advisory: ESA-20030321-010
http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
FreeBSD Security Advisory: FreeBSD-SA-03:05
http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
NETBSD Security Advisory: NetBSD-SA2003-008
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230
RedHat Security Advisories: RHSA-2003:051
http://www.redhat.com/support/errata/RHSA-2003-051.html
RedHat Security Advisories: RHSA-2003:052
http://www.redhat.com/support/errata/RHSA-2003-052.html
RedHat Security Advisories: RHSA-2003:089
http://www.redhat.com/support/errata/RHSA-2003-089.html
RedHat Security Advisories: RHSA-2003:091
http://www.redhat.com/support/errata/RHSA-2003-091.html
SuSE Security Announcement: SuSE-SA:2003:027 (Google Search)
http://www.novell.com/linux/security/advisories/2003_027_glibc.html
http://marc.info/?l=bugtraq&m=104878237121402&w=2
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html




© 1998-2024 E-Soft Inc. All rights reserved.