cbcvebase.
CVE-2002-0391
published 2002-08-12

CVE-2002-0391: Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows…

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Affected

172 ranges· showing 25
VendorProductVersion rangeFixed in
crayunicos
crayunicos
crayunicos
crayunicos
crayunicos
crayunicos
crayunicos
crayunicos
crayunicos
crayunicos
debianacm< acm 5.0-10 (bookworm)acm 5.0-10 (bookworm)
debiandietlibc< dietlibc 0.22-2 (bookworm)dietlibc 0.22-2 (bookworm)
debiandietlibc< acm 5.0-10 (bookworm)acm 5.0-10 (bookworm)
debianglibc< dietlibc 0.22-2 (bookworm)dietlibc 0.22-2 (bookworm)
debianglibc< acm 5.0-10 (bookworm)acm 5.0-10 (bookworm)
debiankrb5< dietlibc 0.22-2 (bookworm)dietlibc 0.22-2 (bookworm)
debiankrb5< acm 5.0-10 (bookworm)acm 5.0-10 (bookworm)
debianopenafs< acm 5.0-10 (bookworm)acm 5.0-10 (bookworm)
freebsdfreebsd<= 4.6.1
freebsdfreebsd
freebsdfreebsd
freebsdfreebsd
freebsdfreebsd
freebsdfreebsd
freebsdfreebsd

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL