Download
| Alert*
|
oval:org.secpod.oval:def:89045019
This update for rpcbind fixes the following issues: - CVE-2017-8779: A crafted UDP package could lead rcpbind to remote denial-of-service oval:org.secpod.oval:def:204503 The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur whe ... oval:org.secpod.oval:def:89044563 This update for libtirpc fixes the following issues: - CVE-2017-8779: crafted UDP packaged could lead rpcbind to denial-of-service oval:org.secpod.oval:def:204501 The libtirpc packages contain SunLib"s implementation of transport-independent remote procedure call documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur w ... oval:org.secpod.oval:def:89044580 This update for libtirpc and rpcbind fixes the following issues: - CVE-2017-8779: A crafted UDP package could lead rpcbind to remote denial-of-service oval:org.secpod.oval:def:204505 The libtirpc packages contain SunLib"s implementation of transport-independent remote procedure call documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur wh ... oval:org.secpod.oval:def:204504 The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur when ... oval:org.secpod.oval:def:1501868 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501869 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:706044 rpcbind: converts RPC program numbers into universal addresses rpcbind could be made to consume resources and crash if it received specially crafted network traffic. oval:org.secpod.oval:def:112366 The rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. oval:org.secpod.oval:def:73445 rpcbind: converts RPC program numbers into universal addresses rpcbind could be made to consume resources and crash if it received specially crafted network traffic. oval:org.secpod.oval:def:502034 The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur whe ... oval:org.secpod.oval:def:502038 The libtirpc packages contain SunLib"s implementation of transport-independent remote procedure call documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur w ... oval:org.secpod.oval:def:502037 The libtirpc packages contain SunLib"s implementation of transport-independent remote procedure call documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur w ... oval:org.secpod.oval:def:502039 The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: * It was found that due to the way rpcbind uses libtirpc , a memory leak can occur whe ... oval:org.secpod.oval:def:1501870 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:51118 libtirpc: transport-independent RPC library - development files Several security issues were fixed in libtirpc. oval:org.secpod.oval:def:602870 Guido Vranken discovered that incorrect memory management in libtirpc, a transport-independent RPC library used by rpcbind and other programs may result in denial of service via memory exhaustion . oval:org.secpod.oval:def:704308 libtirpc: transport-independent RPC library - development files Several security issues were fixed in libtirpc. oval:org.secpod.oval:def:1501871 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600713 It was found that due to the way rpcbind uses libtirpc , a memoryleak can occur when parsing specially crafted XDR messages. An attacker sendingthousands of messages to rpcbind could cause its memory usage to grow withoutbound, eventually causing it to be terminated by the OOM killer oval:org.secpod.oval:def:1600710 Memory leak when failing to parse XDR strings or bytearraysIt was found that due to the way rpcbind uses libtirpc , a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually ... oval:org.secpod.oval:def:112392 This package contains SunLibs implementation of transport-independent RPC documentation. This library forms a piece of the base of Open Network Computing , and is derived directly from the Solaris 2.3 source. TI-RPC is an enhanced version of TS-RPC that requires the UNIX System V Transport Layer In ... oval:org.secpod.oval:def:1000759 The remote host is missing a patch 152260-03 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2101140 rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a cra ... oval:org.secpod.oval:def:1000789 The remote host is missing a patch 152261-03 containing a security fix. For more information please visit the reference link. |
