Vulnerabilities > Rpcbind Project

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-29	CVE-2010-2064	Link Following vulnerability in Rpcbind Project Rpcbind 0.2.0 rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr. local low complexity rpcbind-project CWE-59	7.1
2019-10-29	CVE-2010-2061	Improper Input Validation vulnerability in Rpcbind Project Rpcbind 0.2.0 rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started. local low complexity rpcbind-project CWE-20	7.8
2017-05-04	CVE-2017-8779	Allocation of Resources Without Limits or Throttling vulnerability in multiple products rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. network low complexity rpcbind-project libtirpc-project ntirpc-project CWE-770	7.5
2015-10-01	CVE-2015-7236	Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code. network low complexity rpcbind-project canonical debian oracle	7.5

Vulnerabilities > Rpcbind Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Rpcbind Project"}]}