Unrated severityNVD Advisory· Published Jul 9, 2013· Updated Apr 29, 2026

CVE-2013-1950

Description

The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer.

Affected products

Libtirpc Project/Libtirpc8 versions
cpe:2.3:a:libtirpc_project:libtirpc:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:libtirpc_project:libtirpc:*:*:*:*:*:*:*:*range: <=0.2.3
- cpe:2.3:a:libtirpc_project:libtirpc:0.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:libtirpc_project:libtirpc:0.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:libtirpc_project:libtirpc:0.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:libtirpc_project:libtirpc:0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:libtirpc_project:libtirpc:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:libtirpc_project:libtirpc:0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:libtirpc_project:libtirpc:0.2.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000