CVE-2008-4619

Sunos - Denial of Service

Title source: rule

Description

The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Federico L. Bossi Bonin · cdossolaris

https://www.exploit-db.com/exploits/6775

View Code ZIP pw:eip

References (10)

[Vendor Advisory] http://secunia.com/advisories/32475

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-66-200412-1

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46057

[Vendor Advisory] https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00819.html

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6775

[Mailing List] http://www.openwall.com/lists/oss-security/2008/10/28/2

[Mailing List] http://www.openwall.com/lists/oss-security/2008/10/29/1

[Mailing List] http://www.openwall.com/lists/oss-security/2008/10/31/2

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2945

[Third Party Advisory] http://securityreason.com/securityalert/4440

Scores

EPSS 0.0893

EPSS Percentile 92.6%

Details

Status published

Products (1)

sun/sunos 5.9

Published Oct 21, 2008

Tracked Since Feb 18, 2026