Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations | |||
---|---|---|---|
Name | MS02-057 | First vendor Publication | N/A |
Vendor | Microsoft | Last vendor Modification | N/A |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Flaw in Services for Unix 3.0 Interix SDK Could Allow Code Execution (Q329209) |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-92 | Forced Integer Overflow |
CAPEC-128 | Integer Attacks |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:42 | |||
Oval ID: | oval:org.mitre.oval:def:42 | ||
Title: | Solaris 7 RPC xdr_array Buffer Overflow | ||
Description: | Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2002-0391 | Version: | 4 |
Platform(s): | Sun Solaris 7 | Product(s): | libnsl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:4728 | |||
Oval ID: | oval:org.mitre.oval:def:4728 | ||
Title: | SunRPC xdr_array Function Integer Overflow | ||
Description: | Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2002-0391 | Version: | 2 |
Platform(s): | Sun Solaris 7 | Product(s): | Sun RPC |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9 | |||
Oval ID: | oval:org.mitre.oval:def:9 | ||
Title: | Solaris 8 RPC xdr_array Buffer Overflow | ||
Description: | Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2002-0391 | Version: | 4 |
Platform(s): | Sun Solaris 8 | Product(s): | libnsl |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 142-1 (openafs) File : nvt/deb_142_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 143-1 (krb5) File : nvt/deb_143_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 146-1 (dietlibc) File : nvt/deb_146_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 146-2 (dietlibc) File : nvt/deb_146_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 149-1 (glibc) File : nvt/deb_149_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 149-2 (glibc) File : nvt/deb_149_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 333-1 (acm) File : nvt/deb_333_1.nasl |
2005-11-03 | Name : Sun rpc.cmsd overflow File : nvt/rpc_cmsd_overflow.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
16003 | Multiple Vendor SunRPC XDR Primitive xdr_array Remote Overflow SunRPC as used by several operating systems contain a flaw that may allow a remote attacker to gain privileges. The issue is due to the RPC servers using libc, glibc or other code based on SunRPC not properly sanitizing user-supplied input. By passing a large number of arguments to the xdr_array function to RPC services such as rpc.cmsd or dmispd, an attacker can leverage an integer overflow to execute arbitrary code. |
14509 | Microsoft Services for Unix Malformed RPC Client Fragment Packet DoS |
14497 | Microsoft Services for Unix RPC Library Malformed Packet Fragment DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | CMSD TCP CMSD_CREATE array buffer overflow attempt RuleID : 2095-community - Revision : 14 - Type : PROTOCOL-RPC |
2014-01-10 | CMSD TCP CMSD_CREATE array buffer overflow attempt RuleID : 2095 - Revision : 14 - Type : PROTOCOL-RPC |
2014-01-10 | CMSD UDP CMSD_CREATE array buffer overflow attempt RuleID : 2094-community - Revision : 18 - Type : PROTOCOL-RPC |
2014-01-10 | CMSD UDP CMSD_CREATE array buffer overflow attempt RuleID : 2094 - Revision : 18 - Type : PROTOCOL-RPC |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-142.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-143.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-146.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-149.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-333.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2002-057.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2002-061.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2002_031.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2002-167.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2002-173.nasl - Type : ACT_GATHER_INFO |
2003-03-19 | Name : Arbitrary code may be run on the remote server. File : rpc_cmsd_overflow.nasl - Type : ACT_DESTRUCTIVE_ATTACK |