Common Vulnerabilities and Exposures |
|
||||
| CVE-ID | ||
|---|---|---|
CVE-2017-8779 |
• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
|
|
| Description | ||
| rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. | ||
| References | ||
| Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. | ||
|
||
| Assigning CNA | ||
| MITRE Corporation | ||
| Date Entry Created | ||
| 20170504 | Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE. | |
| Phase (Legacy) | ||
| Assigned (20170504) | ||
| Votes (Legacy) | ||
| Comments (Legacy) | ||
| Proposed (Legacy) | ||
| N/A | ||
| This is an entry on the CVE list, which standardizes names for security problems. | ||
|
You can also search by reference using the CVE Reference Maps.
|
||
| For More Information: cve@mitre.org | ||
