Resource management error in linux-nfs libtirpc
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2013-1950 |
| CWE-ID | CWE-399 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
libtirpc Universal components / Libraries / Libraries used by multiple products |
| Vendor | linux-nfs.org |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Resource management error
EUVDB-ID: #VU33685
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2013-1950
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer.
MitigationInstall update from vendor's website.
Vulnerable software versionslibtirpc: 0.1.8 - 0.2.2
External linkshttp://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9f
http://rhn.redhat.com/errata/RHSA-2013-0884.html
http://bugzilla.redhat.com/show_bug.cgi?id=948378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
