SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Rpcbind Vendors:   libtirpc.sourceforge.net
(CentOS Issues Fix) Rpcbind Pointer Error Lets Remote Users Cause the Target Service to Crash
SecurityTracker Alert ID:  1034635
SecurityTracker URL:  http://securitytracker.com/id/1034635
CVE Reference:   CVE-2015-7236   (Links to External Site)
Date:  Jan 9 2016
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Rpcbind. A remote user can cause the target service to crash.

A remote user can send specifically crafted packets to the target rpcbind daemon to trigger a netbuf pointer management flaw and cause the target service to crash.

Impact:   A remote user can cause the target service to crash.
Solution:   CentOS has issued a fix.

i386:
48da75e0342f0d61c3ffb1d1180b3c420464fefd4582cf8c74a3e10fd06ca15f rpcbind-0.2.0-11.el6_7.i686.rpm

x86_64:
cc83047f165caaeeef38e29677bc30cfd200046f1c948aad2ca85b05ccdc73e2 rpcbind-0.2.0-11.el6_7.x86_64.rpm

Source:
bea5c5f928218e7485d3b5811d538e540af215e24bdb2544dec23937f8a3bc1e rpcbind-0.2.0-11.el6_7.src.rpm

x86_64:
369ecb9959238ee1ebbec425b58b20dba1002d5e36fab10d30ee092f5a350738 rpcbind-0.2.0-33.el7_2.x86_64.rpm

Source:
158d51f0ef2bb1d612ae5c5d96c7cee8ffb763538cf63120c24d225ce8b3b346 rpcbind-0.2.0-33.el7_2.src.rpm

Cause:   Access control error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6, 7

Message History:   This archive entry is a follow-up to the message listed below.
Sep 29 2015 Rpcbind Pointer Error Lets Remote Users Cause the Target Service to Crash



 Source Message Contents

Subject:  [CentOS-announce] CESA-2016:0005 Moderate CentOS 6 rpcbind Security Update


CentOS Errata and Security Advisory 2016:0005 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0005.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
48da75e0342f0d61c3ffb1d1180b3c420464fefd4582cf8c74a3e10fd06ca15f  rpcbind-0.2.0-11.el6_7.i686.rpm

x86_64:
cc83047f165caaeeef38e29677bc30cfd200046f1c948aad2ca85b05ccdc73e2  rpcbind-0.2.0-11.el6_7.x86_64.rpm

Source:
bea5c5f928218e7485d3b5811d538e540af215e24bdb2544dec23937f8a3bc1e  rpcbind-0.2.0-11.el6_7.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC