VYPR

rpm package

suse/libtirpc&distro=SUSE Linux Enterprise Server 11 SP4

pkg:rpm/suse/libtirpc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Vulnerabilities (3)

  • CVE-2018-14622HigAug 30, 2018
    affected < 0.2.1-1.13.6.1fixed 0.2.1-1.13.6.1

    A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker c

  • CVE-2018-14621MedAug 30, 2018
    affected < 0.2.1-1.13.6.1fixed 0.2.1-1.13.6.1

    An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to using poll rather than select, exhaustion of file descriptors would cause the server to enter an infinite loop, consuming a large amount of CPU time and denying service to other client

  • CVE-2017-8779HigMay 4, 2017
    affected < 0.2.1-1.12.3fixed 0.2.1-1.12.3

    rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subseq