Our sensors found this exploit at:

Below is a copy:


Originally, Common Vulnerabilities and Exposures assigned the CVE-2003-0028 identifier
to the following flaw:

Testing the original CVE-2003-0028 reproducer against recent rpcbind code
resulted in an invalid pointer free flaw being found:

Further issue context [3]:
An invalid pointer free flaw was found in the way server side code
implementation for connectionless RPC requests of libtirpc, a library
implementing Transport-Independent RPC (TI-RPC), (previously) performed
arguments retrieval (due to a regression in commit 82cc2e61 svc_dg_getargs()
routine callers would crash with invalid pointer free). A remote attacker
could issue a specially-crafted Sun RPC request that, when processed,
would lead to rpcbind daemon crash.

A different vulnerability than CVE-2003-0028.


Particular upstream patch:

Note: While the original CVE-2003-0028 issue has been reported to possibly
      allow / lead to arbitrary code execution under certain circumstances,
      the current (CVE-2013-1950) is believed to be able to cause (remote)
      rpcbind daemon crash "only".

*** glibc detected *** /sbin/rpcbind: free(): invalid pointer: 0xbf7f494c ***
poll returned read fds < 6 >
======= Backtrace: =========

Jan iankko Lieskovsky / Red Hat Security Response Team