local/remote privilege escalation in glibc

ID SUSE-SA:2002:031
Type suse
Reporter Suse
Modified 2002-08-30T17:06:11


An integer overflow has been discovered in the xdr_array() function, contained in the Sun Microsystems RPC/XDR library, which is part of the glibc library package on all SuSE products. This overflow allows a remote attacker to overflow a buffer, leading to remote execution of arbitrary code supplied by the attacker.