Lucene search
SuseSUSE-SA:2002:031HistoryAug 30, 2002 - 5:06 p.m.
local/remote privilege escalation in glibc
2002-08-3017:06:11
lists.opensuse.org
10
0.85 High
EPSS
Percentile
98.5%
An integer overflow has been discovered in the xdr_array() function, contained in the Sun Microsystems RPC/XDR library, which is part of the glibc library package on all SuSE products. This overflow allows a remote attacker to overflow a buffer, leading to remote execution of arbitrary code supplied by the attacker.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 7.3 | sparc | glibc | < 2.2.4-43 | glibc-2.2.4-43.sparc.rpm |
| openSUSE | 7.3 | ppc | glibc-devel | < 2.2.4-63 | glibc-devel-2.2.4-63.ppc.rpm |
| openSUSE | 8.0 | i386 | glibc-profile | < 2.2.5-123 | glibc-profile-2.2.5-123.i386.rpm |
| openSUSE | 8.0 | i386 | glibc-devel | < 2.2.5-123 | glibc-devel-2.2.5-123.i386.rpm |
| openSUSE | 7.2 | i386 | glibc-devel | < 2.2.2-64 | glibc-devel-2.2.2-64.i386.rpm |
| openSUSE | 7.3 | i386 | glibc | < 2.2.4-75 | glibc-2.2.4-75.i386.rpm |
| openSUSE | 7.3 | ppc | glibc-profile | < 2.2.4-63 | glibc-profile-2.2.4-63.ppc.rpm |
| openSUSE | 7.3 | ppc | glibc | < 2.2.4-63 | glibc-2.2.4-63.ppc.rpm |
| openSUSE | 7.3 | sparc | glibc-profile | < 2.2.4-43 | glibc-profile-2.2.4-43.sparc.rpm |
| openSUSE | 7.2 | i386 | glibc | < 2.2.2-64 | glibc-2.2.2-64.i386.rpm |
Related
openvas
openvas
Debian Security Advisory DSA 146-2 (dietlibc)
2008-01-17 00:00:00
Debian Security Advisory DSA 149-1 (glibc)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-142)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA-333-1] New acm packages fix integer overflow
2003-06-29 01:44:27
[SECURITY] [DSA 149-2] New glibc packages fix
2002-09-26 17:01:24
[SECURITY] [DSA 149-1] New glibc packages fix security related problems
2002-08-13 08:21:57
osv
osv
dietlibc - integer overflow
2002-08-08 00:00:00
krb5 - integer overflow
2002-08-05 00:00:00
acm - integer overflow
2003-06-27 00:00:00
nvd
nvd
CVE-2002-0391
2002-08-12 04:00:00
CVE-2003-0028
2003-03-25 05:00:00
cve
cve
CVE-2002-0391
2003-04-02 05:00:00
CVE-2003-0028
2003-03-25 05:00:00
nessus
nessus
Debian DSA-333-1 : acm - integer overflow
2004-09-29 00:00:00
Sun rpc.cmsd Remote Overflow
2003-03-19 00:00:00
Mandrake Linux Security Advisory : glibc (MDKSA-2002:061)
2004-07-31 00:00:00
canvas
canvas
Immunity Canvas: TTDB_XDRARRAY
2002-08-12 04:00:00
Immunity Canvas: CMSD_XDRARRAY
2002-08-12 00:00:00
debiancve
debiancve
CVE-2002-0391
2003-04-02 05:00:00
CVE-2003-0028
2003-03-25 05:00:00
cvelist
cvelist
CVE-2002-0391
2003-04-02 05:00:00
CVE-2003-0028
2003-03-21 05:00:00
securityvulns
securityvulns
Advisory CA-2002-25 Integer Overflow In XDR Library
2002-08-06 00:00:00
RUS-CERT Advisory 2002-08:02: Flaw in calloc and similar routines
2002-08-08 00:00:00
cert
cert
Integer overflow in xdr_array() function when deserializing the XDR stream
2002-08-01 00:00:00