CVE-2003-0028
glibc - Remote Code Execution via Integer Overflow in xdrmem_getbytes
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
References (25)
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/315638/30/25430/threaded
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-091.html
Various Sources vendor-advisory
x_refsource_engarde
http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-052.html
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-2003-10.html
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20150122-0002/
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2003/dsa-282
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/316960/30/25250/threaded
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2003_027_glibc.html
Exploit, Vendor Advisory third-party-advisory
x_refsource_eeye
http://www.eeye.com/html/Research/Advisories/AD20030318.html
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/516825
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104860855114117&w=2
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc
Mailing List vendor-advisory
x_refsource_trustix
http://marc.info/?l=bugtraq&m=104878237121402&w=2
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/316931/30/25250/threaded
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-051.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104810574423662&w=2
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2003/dsa-266
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-089.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104811415301340&w=2
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105362148313082&w=2
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2003/dsa-272
Scores
EPSS: 0.5605
EPSS Percentile: 98.1%
Details
Status: published
Products (38)
cray/unicos 6.0
cray/unicos 6.0e
cray/unicos 6.1
cray/unicos 7.0
cray/unicos 8.0
cray/unicos 8.3
cray/unicos 9.0
cray/unicos 9.0.2.5
cray/unicos 9.2
cray/unicos 9.2.4
... and 28 more
Published: Mar 25, 2003
Tracked Since: Feb 18, 2026