rpm package
suse/rpcbind&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/rpcbind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-8779 | Hig | 7.5 | < 0.1.6+git20080930-6.27.2 | 0.1.6+git20080930-6.27.2 | May 4, 2017 | rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subseq | |
| CVE-2015-7236 | Hig | 7.5 | < 0.1.6+git20080930-6.24.1 | 0.1.6+git20080930-6.24.1 | Oct 1, 2015 | Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code. |
- affected < 0.1.6+git20080930-6.27.2fixed 0.1.6+git20080930-6.27.2
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subseq
- affected < 0.1.6+git20080930-6.24.1fixed 0.1.6+git20080930-6.24.1
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.