Slackware Advisory SSA:2003-141-03 Glibc XDR Overflow Fix Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2003-141-03.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2003-141-03

Insight

An integer overflow in the xdrmem_getbytes() function found in the glibc library has been fixed. This could allow a remote attacker to execute arbitrary code by exploiting RPC service that use xdrmem_getbytes(). None of the default RPC services provided by Slackware appear to use this function, but third-party applications may make use of it. We recommend upgrading to these new glibc packages.

Severity

Classification

CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Slackware Advisory SSA:2007-207-01 bind
Slackware Advisory SSA:2006-045-07 php
Slackware Advisory SSA:2005-195-02 XV
Slackware Advisory SSA:2003-141-06 quotacheck security fix in rc.M
Slackware Advisory SSA:2004-124-04 libpng update

Slackware Advisory SSA:2003-141-03 glibc XDR overflow fix

Take action and discover your vulnerabilities