Description: A vulnerability identified in multiple *NIX operating systems and software can be exploited by malicious people to conduct a DoS attack (Denial of Service) on a vulnerable system or potentially compromise it.
The vulnerability is caused by an integer overflow in the xdrmem_getbytes() function, which can lead to dynamic memory allocation errors. It has furthermore been reported that other functions in the xdrmem_*() family also may suffer from identical errors.
A malicious person can exploit the vulnerability by sending specially crafted RPC packets to various RPC services. Depending on how a vulnerable function is used by a program, this can result in a DoS (Denial of Service) or execution of arbitrary code.
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.