CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.eeye.com/html/Research/Advisories/AD20030318.html	Exploit Vendor Advisory
http://www.cert.org/advisories/CA-2003-10.html	Patch Third Party Advisory US Government Resource
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html
http://www.kb.cert.org/vuls/id/516825	US Government Resource
http://www.debian.org/security/2003/dsa-282
http://www.redhat.com/support/errata/RHSA-2003-051.html
http://www.redhat.com/support/errata/RHSA-2003-052.html
http://www.redhat.com/support/errata/RHSA-2003-089.html
http://www.redhat.com/support/errata/RHSA-2003-091.html
http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
http://www.debian.org/security/2003/dsa-266
http://www.debian.org/security/2003/dsa-272
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc
http://www.novell.com/linux/security/advisories/2003_027_glibc.html
http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
http://marc.info/?l=bugtraq&m=104810574423662&w=2
http://marc.info/?l=bugtraq&m=104878237121402&w=2
http://marc.info/?l=bugtraq&m=104860855114117&w=2
http://marc.info/?l=bugtraq&m=105362148313082&w=2
http://marc.info/?l=bugtraq&m=104811415301340&w=2
https://security.netapp.com/advisory/ntap-20150122-0002/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230
http://www.securityfocus.com/archive/1/316960/30/25250/threaded
http://www.securityfocus.com/archive/1/316931/30/25250/threaded
http://www.securityfocus.com/archive/1/315638/30/25430/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gnu:glibc:2.1.1:::::::*
	cpe:2.3:a:gnu:glibc:2.1.2:::::::*
	cpe:2.3:a:gnu:glibc:2.3:::::::*
	cpe:2.3:a:gnu:glibc:2.3.1:::::::*
	cpe:2.3:a:mit:kerberos_5:1.2.5:::::::*
	cpe:2.3:a:mit:kerberos_5:1.2.6:::::::*
	cpe:2.3:a:openafs:openafs:1.0.4a:::::::*
	cpe:2.3:a:openafs:openafs:1.1:::::::*
	cpe:2.3:a:openafs:openafs:1.2.3:::::::*
	cpe:2.3:a:openafs:openafs:1.2.4:::::::*
	cpe:2.3:o:sgi:irix:6.5.1:::::::*
	cpe:2.3:a:openafs:openafs:1.1.1a:::::::*
	cpe:2.3:a:openafs:openafs:1.0:::::::*
	cpe:2.3:o:sgi:irix:6.5.10:::::::*
	cpe:2.3:o:sgi:irix:6.5.10m:::::::*
	cpe:2.3:o:sgi:irix:6.5.15f:::::::*
	cpe:2.3:o:sgi:irix:6.5.18f:::::::*
	cpe:2.3:a:openafs:openafs:1.1.1:::::::*
	cpe:2.3:o:sgi:irix:6.5.12f:::::::*
	cpe:2.3:a:gnu:glibc:2.2.1:::::::*
	cpe:2.3:a:gnu:glibc:2.3.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.15m:::::::*
	cpe:2.3:a:openafs:openafs:1.2.5:::::::*
	cpe:2.3:o:sgi:irix:6.5.18:::::::*
	cpe:2.3:a:openafs:openafs:1.2.6:::::::*
	cpe:2.3:a:openafs:openafs:1.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.10f:::::::*
	cpe:2.3:a:gnu:glibc:2.1.3:::::::*
	cpe:2.3:o:sgi:irix:6.5.13:::::::*
	cpe:2.3:o:sgi:irix:6.5.12m:::::::*
	cpe:2.3:a:gnu:glibc:2.2:::::::*
	cpe:2.3:a:mit:kerberos_5:1.2:::::::*
	cpe:2.3:a:mit:kerberos_5:1.2.7:::::::*
	cpe:2.3:a:gnu:glibc:2.2.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.9f:::::::*
	cpe:2.3:o:sgi:irix:6.5.16m:::::::*
	cpe:2.3:o:sgi:irix:6.5.6:::::::*
	cpe:2.3:o:sgi:irix:6.5.4m:::::::*
	cpe:2.3:o:sgi:irix:6.5.3f:::::::*
	cpe:2.3:a:gnu:glibc:2.2.5:::::::*
	cpe:2.3:a:openafs:openafs:1.2.1:::::::*
	cpe:2.3:o:sgi:irix:6.5.14f:::::::*
	cpe:2.3:o:sgi:irix:6.5.4f:::::::*
	cpe:2.3:o:sgi:irix:6.5.17:::::::*
	cpe:2.3:o:sgi:irix:6.5.13m:::::::*
	cpe:2.3:a:openafs:openafs:1.0.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.9m:::::::*
	cpe:2.3:o:sgi:irix:6.5.7m:::::::*
	cpe:2.3:o:sgi:irix:6.5.9:::::::*
	cpe:2.3:a:openafs:openafs:1.0.1:::::::*
	cpe:2.3:a:gnu:glibc:2.1:::::::*
	cpe:2.3:o:sgi:irix:6.5.19:::::::*
	cpe:2.3:o:sgi:irix:6.5.16f:::::::*
	cpe:2.3:o:sgi:irix:6.5.13f:::::::*
	cpe:2.3:o:sgi:irix:6.5.20:::::::*
	cpe:2.3:a:openafs:openafs:1.3.1:::::::*
	cpe:2.3:a:openafs:openafs:1.2.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.8m:::::::*
	cpe:2.3:o:sgi:irix:6.5.6f:::::::*
	cpe:2.3:o:sgi:irix:6.5.7f:::::::*
	cpe:2.3:a:openafs:openafs:1.3:::::::*
	cpe:2.3:o:sgi:irix:6.5.14:::::::*
	cpe:2.3:o:sgi:irix:6.5.3m:::::::*
	cpe:2.3:o:sgi:irix:6.5.5:::::::*
cpe:2.3:o:sgi:irix:6.5.4:::::::*
cpe:2.3:o:sgi:irix:6.5.11f:::::::*
cpe:2.3:a:gnu:glibc:2.2.3:::::::*
cpe:2.3:o:sgi:irix:6.5.11:::::::*
cpe:2.3:o:sgi:irix:6.5.6m:::::::*
cpe:2.3:o:sgi:irix:6.5.2:::::::*
cpe:2.3:o:sgi:irix:6.5.7:::::::*
cpe:2.3:o:sgi:irix:6.5.18m:::::::*
cpe:2.3:a:gnu:glibc:2.2.4:::::::*
cpe:2.3:o:sgi:irix:6.5.16:::::::*
cpe:2.3:a:mit:kerberos_5:1.2.1:::::::*
cpe:2.3:a:mit:kerberos_5:1.2.2:::::::*
cpe:2.3:a:mit:kerberos_5:1.2.3:::::::*
cpe:2.3:o:sgi:irix:6.5.17f:::::::*
cpe:2.3:o:sgi:irix:6.5.12:::::::*
cpe:2.3:a:openafs:openafs:1.0.4:::::::*
cpe:2.3:a:openafs:openafs:1.2.2b:::::::*
cpe:2.3:o:sgi:irix:6.5.17m:::::::*
cpe:2.3:o:sgi:irix:6.5.2f:::::::*
cpe:2.3:o:sgi:irix:6.5.2m:::::::*
cpe:2.3:o:sgi:irix:6.5.15:::::::*
cpe:2.3:a:openafs:openafs:1.0.3:::::::*
cpe:2.3:o:sgi:irix:6.5.14m:::::::*
cpe:2.3:o:sgi:irix:6.5.3:::::::*
cpe:2.3:o:sgi:irix:6.5.8:::::::*
cpe:2.3:o:sgi:irix:6.5.11m:::::::*
cpe:2.3:o:sgi:irix:6.5.8f:::::::*
cpe:2.3:o:sgi:irix:6.5.5f:::::::*
cpe:2.3:o:sgi:irix:6.5:::::::*
cpe:2.3:o:sgi:irix:6.5.5m:::::::*
cpe:2.3:a:openafs:openafs:1.3.2:::::::*
cpe:2.3:a:openafs:openafs:1.2.2a:::::::*
cpe:2.3:a:mit:kerberos_5:1.2.4:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:cray:unicos:9.0:::::::*
	cpe:2.3:o:cray:unicos:9.0.2.5:::::::*
	cpe:2.3:o:freebsd:freebsd:4.1.1:stable::::::
	cpe:2.3:o:freebsd:freebsd:4.2:::::::*
	cpe:2.3:o:freebsd:freebsd:4.5:::::::*
	cpe:2.3:o:freebsd:freebsd:4.5:release::::::
	cpe:2.3:o:freebsd:freebsd:4.7:stable::::::
	cpe:2.3:o:freebsd:freebsd:5.0:::::::*
	cpe:2.3:o:hp:hp-ux:11.22:::::::*
	cpe:2.3:o:hp:hp-ux_series_700:10.20:::::::*
	cpe:2.3:o:openbsd:openbsd:2.2:::::::*
	cpe:2.3:o:freebsd:freebsd:4.1.1:release::::::
	cpe:2.3:o:hp:hp-ux:11.11:::::::*
	cpe:2.3:o:freebsd:freebsd:4.4:stable::::::
	cpe:2.3:o:openbsd:openbsd:3.1:::::::*
	cpe:2.3:o:openbsd:openbsd:2.9:::::::*
	cpe:2.3:o:openbsd:openbsd:2.1:::::::*
	cpe:2.3:o:sun:sunos:5.7:::::::*
	cpe:2.3:o:sun:sunos:5.8:::::::*
	cpe:2.3:o:freebsd:freebsd:4.7:::::::*
	cpe:2.3:o:openbsd:openbsd:2.0:::::::*
	cpe:2.3:o:cray:unicos:8.3:::::::*
	cpe:2.3:o:freebsd:freebsd:4.4:::::::*
	cpe:2.3:o:openbsd:openbsd:3.2:::::::*
	cpe:2.3:o:sun:solaris:7.0::x86:::::
	cpe:2.3:o:openbsd:openbsd:2.4:::::::*
	cpe:2.3:o:openbsd:openbsd:3.0:::::::*
	cpe:2.3:o:freebsd:freebsd:4.1.1:::::::*
	cpe:2.3:o:cray:unicos:8.0:::::::*
	cpe:2.3:o:hp:hp-ux:11.20:::::::*
	cpe:2.3:o:openbsd:openbsd:2.3:::::::*
	cpe:2.3:o:freebsd:freebsd:4.7:release::::::
	cpe:2.3:o:sun:solaris:8.0::x86:::::
	cpe:2.3:o:hp:hp-ux_series_800:10.20:::::::*
	cpe:2.3:o:openbsd:openbsd:2.8:::::::*
	cpe:2.3:o:sun:solaris:2.5.1::x86:::::
	cpe:2.3:o:freebsd:freebsd:4.6:stable::::::
	cpe:2.3:o:freebsd:freebsd:4.6:release::::::
	cpe:2.3:o:freebsd:freebsd:4.3:stable::::::
	cpe:2.3:o:hp:hp-ux:11.04:::::::*
	cpe:2.3:o:freebsd:freebsd:4.5:stable::::::
	cpe:2.3:o:cray:unicos:9.2.4:::::::*
	cpe:2.3:o:cray:unicos:7.0:::::::*
	cpe:2.3:o:cray:unicos:6.0e:::::::*
	cpe:2.3:o:freebsd:freebsd:4.3:release::::::
	cpe:2.3:o:cray:unicos:6.0:::::::*
	cpe:2.3:o:freebsd:freebsd:4.2:stable::::::
	cpe:2.3:o:ibm:aix:5.2:::::::*
	cpe:2.3:o:sun:solaris:9.0::x86:::::
	cpe:2.3:o:hp:hp-ux:11.00:::::::*
	cpe:2.3:o:openbsd:openbsd:2.7:::::::*
	cpe:2.3:o:freebsd:freebsd:4.1:::::::*
	cpe:2.3:o:hp:hp-ux:10.24:::::::*
	cpe:2.3:o:ibm:aix:4.3.3:::::::*
	cpe:2.3:o:sun:solaris:9.0::sparc:::::
	cpe:2.3:o:sun:sunos:5.5.1:::::::*
	cpe:2.3:o:freebsd:freebsd:4.0:::::::*
	cpe:2.3:o:freebsd:freebsd:4.6:::::::*
	cpe:2.3:o:hp:hp-ux:10.20:::::::*
	cpe:2.3:o:freebsd:freebsd:4.3:::::::*
	cpe:2.3:o:cray:unicos:9.2:::::::*
	cpe:2.3:o:cray:unicos:6.1:::::::*
	cpe:2.3:o:openbsd:openbsd:2.6:::::::*
	cpe:2.3:o:openbsd:openbsd:2.5:::::::*
cpe:2.3:o:ibm:aix:5.1:::::::*
cpe:2.3:o:sun:solaris:2.6:::::::*
cpe:2.3:o:freebsd:freebsd:4.6.2:::::::*
cpe:2.3:o:sun:sunos:-:::::::*

Information

Published : 2003-03-24 21:00

Updated : 2020-01-21 07:45

NVD link : CVE-2003-0028

Mitre link : CVE-2003-0028

JSON object : View

CWE

NVD-CWE-Other

Products Affected

openafs

openafs

sun

solaris
sunos

ibm

freebsd

freebsd

cray

unicos

sgi

irix

hp-ux
hp-ux_series_700
hp-ux_series_800

gnu

glibc

openbsd

openbsd

mit

kerberos_5

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html", "name": "AD20030318", "tags": ["Exploit", "Vendor Advisory"], "refsource": "EEYE"}, {"url": "http://www.cert.org/advisories/CA-2003-10.html", "name": "CA-2003-10", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "refsource": "CERT"}, {"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html", "name": "20030319 EEYE: XDR Integer Overflow", "tags": [], "refsource": "VULNWATCH"}, {"url": "http://www.kb.cert.org/vuls/id/516825", "name": "VU#516825", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.debian.org/security/2003/dsa-282", "name": "DSA-282", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-051.html", "name": "RHSA-2003:051", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-052.html", "name": "RHSA-2003:052", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-089.html", "name": "RHSA-2003:089", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-091.html", "name": "RHSA-2003:091", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html", "name": "ESA-20030321-010", "tags": [], "refsource": "ENGARDE"}, {"url": "http://www.debian.org/security/2003/dsa-266", "name": "DSA-266", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2003/dsa-272", "name": "DSA-272", "tags": [], "refsource": "DEBIAN"}, {"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc", "name": "NetBSD-SA2003-008", "tags": [], "refsource": "NETBSD"}, {"url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html", "name": "SuSE-SA:2003:027", "tags": [], "refsource": "SUSE"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037", "name": "MDKSA-2003:037", "tags": [], "refsource": "MANDRAKE"}, {"url": "http://marc.info/?l=bugtraq&m=104810574423662&w=2", "name": "20030319 EEYE: XDR Integer Overflow", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=104878237121402&w=2", "name": "2003-0014", "tags": [], "refsource": "TRUSTIX"}, {"url": "http://marc.info/?l=bugtraq&m=104860855114117&w=2", "name": "20030325 GLSA: glibc (200303-22)", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=105362148313082&w=2", "name": "20030522 [slackware-security] glibc XDR overflow fix (SSA:2003-141-03)", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=104811415301340&w=2", "name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://security.netapp.com/advisory/ntap-20150122-0002/", "name": "https://security.netapp.com/advisory/ntap-20150122-0002/", "tags": [], "refsource": "CONFIRM"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230", "name": "oval:org.mitre.oval:def:230", "tags": [], "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", "name": "20030331 GLSA: krb5 & mit-krb5 (200303-28)", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded", "name": "20030331 GLSA: dietlibc (200303-29)", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded", "name": "20030319 RE: EEYE: XDR Integer Overflow", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2003-0028", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2003-03-25T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.0.4a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.1.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.10m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.12f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.10f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.12m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.9f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.4m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.4f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.13m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.9m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.7m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.13f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.8m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.6f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.7f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.11f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.6m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.2b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.2f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.11m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.8f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.5f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.5m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openafs:openafs:1.2.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cray:unicos:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:9.0.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:9.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:6.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-01-21T15:45Z"}

7.5 /10