CVE-2013-1950

Libtirpc < 0.2.3 - Resource Management Error

Title source: rule

Description

The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer.

Exploits (1)

exploitdb WORKING POC

by Sean Verity · rubydoslinux

https://www.exploit-db.com/exploits/26887

View Code ZIP pw:eip

References (3)

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=948378

[Various Sources] http://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9f

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-0884.html

Scores

EPSS 0.0884

EPSS Percentile 92.6%

Details

CWE

CWE-399

Status published

Products (8)

libtirpc_project/libtirpc 0.1.8

libtirpc_project/libtirpc 0.1.9

libtirpc_project/libtirpc 0.1.10

libtirpc_project/libtirpc 0.1.11

libtirpc_project/libtirpc 0.2.0

libtirpc_project/libtirpc 0.2.1

libtirpc_project/libtirpc 0.2.2

libtirpc_project/libtirpc < 0.2.3

Published Jul 09, 2013

Tracked Since Feb 18, 2026