CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2002-0391

CVSS 9.8v3.1pub. 2002-08-12upd. 2026-04-16

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Freebsd

    OS
    Freebsd
    ≤ 4.6.1
  • Microsoft Windows 2000

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Nt

    OS
    Microsoft
    4.0
  • Microsoft Windows Xp

    OS
    Microsoft
    wszystkie wersje
  • Openbsd

    OS
    Openbsd
    3.1
  • Sun Solaris

    OS
    Sun
    2.69.0
  • Sun Sunos

    OS
    Sun
    5.5.15.75.8
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2014-1776CRITICAL9.8⚠ KEVten sam produkt

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute ar...

CVE-2008-4250CRITICAL9.8⚠ KEVten sam produkt

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1,...

CVE-2024-10934CRITICAL9.2PL ✓ten sam produkt

Double free i niezainicjowana zmienna w implementacji NFS systemu OpenBSD

CVE-2024-43102CRITICAL10.0PL ✓ten sam produkt

FreeBSD UMTX_SHM_DESTROY: use-after-free umożliwiający RCE lub ucieczkę z sandboxa

CVE-2024-29937CRITICAL9.8PL ✓ten sam produkt

RCE w implementacji NFS w OpenBSD i FreeBSD — zdalne wykonanie kodu