SUSE CVE-2015-7236

Use-after-free vulnerability in xprtsetcaller in rpcbsvccom.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service daemon crash via crafted packets, involving a PMAPCALLIT code...

Rpcbind 'rpcb_svc_com.c' Remote Memory Corruption Vulnerability

Rpcbind is a service that translates RPC program numbers into generic addresses. A memory corruption vulnerability exists in the xprtsetcaller in the rpcbsvccom.c file in Rpcbind 0.2.1 and earlier versions. A remote attacker can exploit this vulnerability by sending specially crafted packets to...

Design/Logic Flaw

Use-after-free vulnerability in xprtsetcaller in rpcbsvccom.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service daemon crash via crafted packets, involving a PMAPCALLIT code...

CVE-2015-7236

CVE-2015-7236 describes a use-after-free in rpcbind (xprt_set_caller in rpcb_svc_com.c) affecting rpcbind 0.2.1 and earlier. The vulnerability can be triggered by crafted PMAP_CALLIT packets over TCP/UDP, enabling a remote attacker to cause a denial-of-service (daemon crash). Connected sources do...

UBUNTU-CVE-2015-7236

Use-after-free vulnerability in xprtsetcaller in rpcbsvccom.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service daemon crash via crafted packets, involving a PMAPCALLIT code...