CVE-2002-1265

3 documents3 sources

Severity

5.0MEDIUM

EPSS

3.7%

top 11.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server GNU Glibc +1 more

Timeline

PublishedNov 12

Latest updateMay 3

Description

The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDgnu/glibc20 versions+19

▶NVDsgi/irix23 versions+22

▶NVDapple/mac_os_x13 versions+12

▶NVDapple/mac_os_x_server10.0, 10.2, 10.2.1+2

🔴Vulnerability Details

GHSA

GHSA-qgpg-f5p7-6q84: The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows↗2022-05-03

▶

CVEList

CVE-2002-1265: The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows↗2004-09-01

▶