Описание
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:rpcbind_project:rpcbind:0.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 7.8
ubuntu
около 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
redhat
больше 15 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
CVSS3: 7.8
debian
около 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) ...
CVSS3: 7.8
github
больше 3 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
EPSS
Процентиль: 19%
0.00061
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-20