← back
CVE-2013-1950

CVE-2013-1950

EPSS 6.5%
The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/26887unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9fhttp://rhn.redhat.com/errata/RHSA-2013-0884.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=948378