CVE-2002-0039 - Unspecified vulnerability in SGI Irix

Summary

rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.

Risk level (CVSS 5.0)

Medium

5.0

Access Vector

Network
Adjacent Network
Local

Access Complexity

Low
Medium
High

Authentication

None
Single
Multiple

Confident. Impact

Complete
Partial
None

Integrity Impact

Complete
Partial
None

Affected Products

SGI Irix 6.5
SGI Irix 6.5.1
SGI Irix 6.5.2
SGI Irix 6.5.3
SGI Irix 6.5.4
SGI Irix 6.5.5
SGI Irix 6.5.6
SGI Irix 6.5.7
SGI Irix 6.5.8
SGI Irix 6.5.9
SGI Irix 6.5.10
SGI Irix 6.5.11F
SGI Irix 6.5.11M
SGI Irix 6.5.12F
SGI Irix 6.5.12M
SGI Irix 6.5.13F
SGI Irix 6.5.13M
SGI Irix 6.5.14F
SGI Irix 6.5.14M
SGI Irix 6.5.15F
SGI Irix 6.5.15M

External references

ftp://patches.sgi.com/support/free/security/advisories/20020306-01-P

Related CVE

Date	CVE	Title	CVSS
2002-03-28	CVE-2002-0040	Unspecified vulnerability in SGI Irix	2.1