An integer overflow has been discovered in the xdr_array() function, contained in the Sun Microsystems RPC/XDR library, which is part of the glibc library package on all SuSE products. This overflow allows a remote attacker to overflow a buffer, leading to remote execution of arbitrary code supplied by the attacker.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 7.3 | sparc | glibc | < 2.2.4-43 | glibc-2.2.4-43.sparc.rpm |
openSUSE | 7.3 | ppc | glibc-devel | < 2.2.4-63 | glibc-devel-2.2.4-63.ppc.rpm |
openSUSE | 8.0 | i386 | glibc-profile | < 2.2.5-123 | glibc-profile-2.2.5-123.i386.rpm |
openSUSE | 8.0 | i386 | glibc-devel | < 2.2.5-123 | glibc-devel-2.2.5-123.i386.rpm |
openSUSE | 7.2 | i386 | glibc-devel | < 2.2.2-64 | glibc-devel-2.2.2-64.i386.rpm |
openSUSE | 7.3 | i386 | glibc | < 2.2.4-75 | glibc-2.2.4-75.i386.rpm |
openSUSE | 7.3 | ppc | glibc-profile | < 2.2.4-63 | glibc-profile-2.2.4-63.ppc.rpm |
openSUSE | 7.3 | ppc | glibc | < 2.2.4-63 | glibc-2.2.4-63.ppc.rpm |
openSUSE | 7.3 | sparc | glibc-profile | < 2.2.4-43 | glibc-profile-2.2.4-43.sparc.rpm |
openSUSE | 7.2 | i386 | glibc | < 2.2.2-64 | glibc-2.2.2-64.i386.rpm |