Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
rpcbind 资源管理错误漏洞
Vulnerability Description
NTIRPC是一个使用在Linux系统中的用于nfs-ganesha的运输的独立RPC库。LIBTIRPC是一个使用在Linux系统中的包含支持使用远程过程调用(RPC)API程序的库的软件包。rpcbind是一个使用在Linux系统中的将RPC程序编号转换为通用地址的服务器。 rpcbind、LIBTIRPC和NTIRPC中存在资源管理错误漏洞,该漏洞源于程序在为XDR字符串分配内存时,没有确定最大RPC数据的大小。攻击者可通过向111端口发送特制的UDP数据包利用该漏洞造成拒绝服务(内存消耗)。以下产
CVSS Information
N/A
Vulnerability Type
N/A