
Multiple Vendor Sun RPC xdr_array Buffer Overflow Vulnerability

The 'xdr_array()' procedure is used by client/server applications implementing Sun RPC to filter between local C representations of variable length arrays and their machine-independent external data representations (XDR).

A buffer-overflow vulnerability has been reported in the 'xdr_array()' procedure. Remote attackers may exploit this issue through RPC services to execute arbitrary code on target hosts. Since RPC services typically run with root privileges, successful exploits may mean complete compromise.

OpenBSD originally reported that this vulnerability may be exploited by remote attackers to cause a denial of service. If this is a heap-based overflow, the nature of the OpenBSD malloc implementation may allow only a crash. Other platforms that use the same Sun RPC code but a different malloc implementation may allow code execution.
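
An added example, not code from this advisory or from any vendor's RPC library: a defensive decoder for an XDR variable-length array of unsigned integers (a 4-byte big-endian element count followed by the elements). The advisory does not state the root cause, so the example assumes the general failure class for length-prefixed arrays, a sender-supplied count that is multiplied by the element size and trusted; `array_bytes` and `decode_u32_array` are hypothetical names and the sample message is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* XDR encodes integers as 4 bytes, big-endian. */
static uint32_t be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* array_bytes (hypothetical helper): compute c * elsize in 32 bits,
 * refusing a product that would wrap. Returns 0 on success, -1 on reject. */
int array_bytes(uint32_t c, uint32_t elsize, uint32_t *bytes) {
    if (elsize != 0 && c > UINT32_MAX / elsize) return -1;
    *bytes = c * elsize;
    return 0;
}

/* decode_u32_array (hypothetical name): decode an XDR variable-length array
 * of unsigned ints: a 4-byte element count, then that many 4-byte elements.
 * On success returns 0 and hands back a malloc'd array the caller frees. */
int decode_u32_array(const unsigned char *buf, size_t len, uint32_t maxcount,
                     uint32_t **out, uint32_t *count) {
    uint32_t c, need, i, *a;
    if (len < 4) return -1;                       /* no room for the count */
    c = be32(buf);
    if (c > maxcount) return -1;                  /* caller's limit        */
    if (array_bytes(c, 4, &need) != 0) return -1; /* size would wrap       */
    if (need > len - 4) return -1;                /* body not all present  */
    a = malloc(need ? need : 1);
    if (a == NULL) return -1;
    for (i = 0; i < c; i++)
        a[i] = be32(buf + 4 + (size_t)i * 4);
    *out = a;
    *count = c;
    return 0;
}

int main(void) {
    /* Constructed sample: count = 2, elements 7 and 256. */
    const unsigned char msg[] = {0,0,0,2, 0,0,0,7, 0,0,1,0};
    uint32_t *a, n;
    if (decode_u32_array(msg, sizeof msg, 16, &a, &n) != 0) return 1;
    printf("%u elements, first = %u\n", (unsigned)n, (unsigned)a[0]);
    free(a);
    return 0;
}
```

The three rejections are independent: a count above the caller's limit, a count whose byte size does not fit in 32 bits, and a count larger than the data actually received.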







 

Copyright 2009, SecurityFocus