Searching rpc software vulnerabilities

pcnfsd (aka rpc.pcnfsd) allows local users to c

pcnfsd |

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.


Denial of service in RPC portmapper allows atta

portmapper | unregister | attackers | register | services | address | service | spoofed | source | allows | Denial | spoof | using | such | RPC |

Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.


The NIS+ rpc.nisd server allows remote attacker

authentication | information | attackers | certain | logging | disable | without | rpcnisd | execute | obtain | system | caches | remote | modify | server | allows | calls | NIS+ | RPC |

The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.


Frontpage Server Extensions allows remote attac

Extensions | /_vti_bin/ | determine | anonymous | directory | attackers | Frontpage | shtmldll | virtual | request | account | allows | Server | remote | name | POST | via | RPC |

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.


cachefsd in Solaris 2.6, 7, and 8 allows remote

attackers | cachefsd | service | Solaris | denial | allows | remote | cause |

cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.


The RPC component in Windows 2000, Windows NT 4

component | Windows | RPC |

The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.


Buffer overflow in certain RPC routines in IBM

"variable | arbitrary | attackers | routines | overflow | execute | related | certain | Buffer | type" | allow | code | data | RPC | IBM | may | AIX |

Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type."


saned in sane-backends 1.0.7 and earlier does n

sane-backends | saned |

saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.


Buffer overflow in the Microsoft Message Queue

Microsoft | overflow | Manager | Message | Buffer | Queue |

Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request.


Unknown vulnerability in UDP RPC for Solaris 2.

vulnerability | Solaris | Unknown | RPC | UDP |

Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.


Unknown vulnerability in rpc.mountd for SGI IRI

vulnerability | rpcmountd | Unknown | IRIX | SGI |

Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.


Eval injection vulnerability in PEAR XML_RPC 1.

vulnerability | injection | XML_RPC | PEAR | Eval |

Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.


Unspecified vulnerability in the ONC RPC dissec

vulnerability | Unspecified | dissector | Ethereal | ONC | RPC |

Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption).


Multiple heap-based buffer overflows in EMC Leg

heap-based | overflows | NetWorker | Multiple | Legato | buffer | before | 71x | EMC |

Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).


Microsoft Windows 2000 SP4 does not properly va

Microsoft | Windows |

Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."


Distributed SLS daemon (SLSd) on HP-UX B.11.11

Distributed | daemon | SLS |

Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.


The RPC service in mediasvr.exe in CA BrightSto

mediasvrexe | BrightStor | ARCserve | service | Backup | RPC |

The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.


The gssrpc__svcauth_gssapi function in the RPC

gssrpc__svcauth_gssapi | Kerberos | function | library | MIT | RPC |

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.


Stack-based buffer overflow in the svcauth_gss_

lib/rpc/svc_auth_gssc | svcauth_gss_validate | Stack-based | RPCSEC_GSS | function | overflow | library | buffer | RPC |

Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.


The WebService (XML-RPC) interface in Bugzilla

WebService |

The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 does not enforce permissions for the time-tracking fields of bugs, which allows remote attackers to obtain sensitive information via certain XML-RPC requests, as demonstrated by the (1) Deadline and (2) Estimated Time fields.


Software vulnerabilities results 1 to 20 of 98     
Page: 12345