[26513] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Remote Buffer Overflow Vulnerability in Sun RPC

daemon@ATHENA.MIT.EDU (Ricardo Quesada)
Fri Aug 2 13:18:04 2002

Message-ID: <3D4ADD71.7060202@corest.com>
Date: Fri, 02 Aug 2002 16:28:49 -0300
From: Ricardo Quesada <core.lists.bugtraq@core-sdi.com>
MIME-Version: 1.0
To: <BUGTRAQ@securityfocus.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Hi,
     As the advisory says: "...Additional
commercial and open-source Unix operating systems use implementations of 
SunRPC, and may also be vulnerable..."...

    it seems that glibc based systems (eg: most, if not all, linuxes) 
are also vulnerable to exactly the same xdr_array problem.

    (take a look at glibc-2.2.5/sunrpc/xdr_array.c)

riq.


--- for a personal reply use: Ricardo Quesada <riq@corest.com>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[26513] in bugtraq

Re: Remote Buffer Overflow Vulnerability in Sun RPC

daemon@ATHENA.MIT.EDU (Ricardo Quesada)Fri Aug 2 13:18:04 2002

daemon@ATHENA.MIT.EDU (Ricardo Quesada)
Fri Aug 2 13:18:04 2002