Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2013:0884
HistoryMay 30, 2013 - 8:28 p.m.

libtirpc security update

2013-05-3020:28:52
CentOS Project
lists.centos.org
61

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.171 Low

EPSS

Percentile

96.1%

JSON

CentOS Errata and Security Advisory CESA-2013:0884

These packages provide a transport-independent RPC (remote procedure call)
implementation.

A flaw was found in the way libtirpc decoded RPC requests. A
specially-crafted RPC request could cause libtirpc to attempt to free a
buffer provided by an application using the library, even when the buffer
was not dynamically allocated. This could cause an application using
libtirpc, such as rpcbind, to crash. (CVE-2013-1950)

Red Hat would like to thank Michael Armstrong for reporting this issue.

Users of libtirpc should upgrade to these updated packages, which contain a
backported patch to correct this issue. All running applications using
libtirpc must be restarted for the update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-May/081930.html

Affected packages:
libtirpc
libtirpc-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0884

Related

nessus 9
f5 2
openvas 6
veracode 1
debiancve 1
oraclelinux 1
amazon 1
zdt 1
cvelist 1
ubuntucve 1
cve 1
redhat 2
prion 1
packetstorm 1
fedora 1
nvd 1
nessus
nessus
Fedora 19 : libtirpc-0.2.3-2.fc19 (2013-6262)
2013-04-29 00:00:00
Oracle Linux 6 : libtirpc (ELSA-2013-0884)
2013-07-12 00:00:00
CentOS 6 : libtirpc (CESA-2013:0884)
2013-05-31 00:00:00
f5
f5
K19157044 : libtirpc vulnerability CVE-2013-1950
2016-02-18 00:00:00
SOL19157044 - libtirpc vulnerability CVE-2013-1950
2016-02-18 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2013-199)
2015-09-08 00:00:00
Oracle: Security Advisory (ELSA-2013-0884)
2015-10-06 00:00:00
CentOS Update for libtirpc CESA-2013:0884 centos6
2013-05-31 00:00:00
veracode
veracode
Denial Of Service (Dos)
2019-01-15 08:54:20
debiancve
debiancve
CVE-2013-1950
2013-07-09 17:55:00
oraclelinux
oraclelinux
libtirpc security update
2013-05-30 00:00:00
amazon
amazon
Medium: libtirpc
2013-06-11 22:45:00
zdt
zdt
rpcbind (CALLIT Procedure) UDP Crash PoC
2013-07-16 00:00:00
cvelist
cvelist
CVE-2013-1950
2013-07-09 17:00:00
ubuntucve
ubuntucve
CVE-2013-1950
2013-07-09 00:00:00
cve
cve
CVE-2013-1950
2013-07-09 17:55:00
redhat
redhat
(RHSA-2013:0884) Moderate: libtirpc security update
2013-05-30 00:00:00
(RHSA-2013:1076) Important: rhev-hypervisor6 security and bug fix update
2013-07-16 00:00:00
prion
prion
Design/Logic Flaw
2013-07-09 17:55:00
packetstorm
packetstorm
rpcbind CALLIT UDP Crash
2013-07-17 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: libtirpc-0.2.3-2.fc19
2013-04-27 03:14:23
nvd
nvd
CVE-2013-1950
2013-07-09 17:55:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.171 Low

EPSS

Percentile

96.1%

JSON
Related for CESA-2013:0884
nessus9f52openvas6veracode1debiancve1oraclelinux1amazon1zdt1cvelist1ubuntucve1cve1redhat2prion1packetstorm1fedora1nvd1