CVE-2015-7236HIGH
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
References
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171030.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172152.html
http://www.debian.org/security/2015/dsa-3366
http://www.openwall.com/lists/oss-security/2015/09/17/1
http://www.openwall.com/lists/oss-security/2015/09/17/6
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/76771
http://www.securitytracker.com/id/1033673
http://www.spinics.net/lists/linux-nfs/msg53045.html
http://www.ubuntu.com/usn/USN-2756-1
https://security.FreeBSD.org/advisories/FreeBSD-SA-15:24.rpcbind.asc
Details
Source: MITRE
Published: 2015-10-01
Updated: 2017-07-01
Type: NVD-CWE-Other
Risk Information
CVSS v2
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
CVSS v3
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 3.9
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:rpcbind_project:rpcbind:*:*:*:*:*:*:*:* versions up to 0.2.1 (inclusive)
Configuration 2
OR
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Configuration 3
OR
cpe:2.3:a:oracle:solaris_operating_system:10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:solaris_operating_system:11.3:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 108520 | Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838) | Nessus | Junos Local Security Checks | critical |
| 108255 | Solaris 10 (x86) : 152265-01 | Nessus | Solaris Local Security Checks | high |
| 107782 | Solaris 10 (sparc) : 152264-01 | Nessus | Solaris Local Security Checks | high |
| 95268 | GLSA-201611-17 : RPCBind: Denial of Service | Nessus | Gentoo Local Security Checks | high |
| 92896 | FreeBSD : FreeBSD -- rpcbind(8) remote denial of service [REVISED] (0e5d6969-600a-11e6-a6c3-14dae9d210b8) | Nessus | FreeBSD Local Security Checks | high |
| 90619 | Oracle Solaris Critical Patch Update : apr2016_SRU11_3_4_5_0 | Nessus | Solaris Local Security Checks | high |
| 90089 | Solaris 10 (x86) : 152265-01 (deprecated) | Nessus | Solaris Local Security Checks | high |
| 90085 | Solaris 10 (sparc) : 152264-01 (deprecated) | Nessus | Solaris Local Security Checks | high |
| 89840 | Amazon Linux AMI : rpcbind (ALAS-2016-659) | Nessus | Amazon Linux Local Security Checks | high |
| 89339 | Fedora 22 : rpcbind-0.2.3-0.3.fc22 (2015-9eee2fbc78) | Nessus | Fedora Local Security Checks | high |
| 89208 | Fedora 23 : rpcbind-0.2.3-0.4.fc23 (2015-36b145bd37) | Nessus | Fedora Local Security Checks | high |
| 87813 | Scientific Linux Security Update : rpcbind on SL6.x, SL7.x i386/x86_64 (20160107) | Nessus | Scientific Linux Local Security Checks | high |
| 87805 | RHEL 6 / 7 : rpcbind (RHSA-2016:0005) | Nessus | Red Hat Local Security Checks | high |
| 87792 | Oracle Linux 6 / 7 : rpcbind (ELSA-2016-0005) | Nessus | Oracle Linux Local Security Checks | high |
| 87778 | CentOS 6 / 7 : rpcbind (CESA-2016:0005) | Nessus | CentOS Local Security Checks | high |
| 86345 | SUSE SLES11 Security Update : rpcbind (SUSE-SU-2015:1706-2) | Nessus | SuSE Local Security Checks | high |
| 86344 | SUSE SLED11 / SLES11 Security Update : rpcbind (SUSE-SU-2015:1706-1) | Nessus | SuSE Local Security Checks | high |
| 86343 | SUSE SLED12 Security Update : rpcbind (SUSE-SU-2015:1705-2) | Nessus | SuSE Local Security Checks | high |
| 86342 | SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1) | Nessus | SuSE Local Security Checks | high |
| 86220 | Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : rpcbind vulnerability (USN-2756-1) | Nessus | Ubuntu Local Security Checks | high |
| 86108 | Debian DSA-3366-1 : rpcbind - security update | Nessus | Debian Local Security Checks | high |
| 86021 | Debian DLA-311-1 : rpcbind security update | Nessus | Debian Local Security Checks | high |