Intrusion Prevention

Sun.RPC.Xdrmem.Getbytes.Integer.Overflow

Description

This indicates an attack attempt against an integer-overflow vulnerability in SUN RPC XDR library.
The vulnerability is caused by an error in the xdrmem_getbytes() routine when handling malicious procedure arguments. By sending a specially crafted RPC call packet, a remote attacker could execute arbitrary code on a vulnerable system.

Affected Products

Sun Microsystems Network Services Library (libnsl)
BSD-derived libraries with XDR/RPC routines (libc)
GNU C library with sunrpc (glibc)

Impact

System compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
RedHat:
http://rhn.redhat.com/errata/RHSA-2003-091.html
DEBIAN:
http://www.debian.org/security/2003/dsa-272
MANDRAKE:
http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
SUSE:
http://www.novell.com/linux/security/advisories/2003_027_glibc.html

Coverage

IPS (Regular DB)
IPS (Extended DB)

ID	17612
Created	Aug 13, 2009
Updated	Jun 07, 2022
Risk
CVE ID	CVE-2003-0028
Exploit Prediction Score	96.79%
Default Action	drop
Active
Affected OS	Linux, Solaris
Affected App	SUN

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

Sun.RPC.Xdrmem.Getbytes.Integer.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

Sun.RPC.Xdrmem.Getbytes.Integer.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Threat Intelligence
Center