PT-2002-2139 · Sun Microsystems+1 · Sun Microsystems Rpc Library Services For Unix 3.0 Interix Sd+3

Published

2002-10-11

Updated

2018-10-12

CVE-2002-1140

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Sun Microsystems RPC library Services for Unix 3.0 Interix SD on Microsoft Windows NT4, 2000, and XP

Description: The issue allows remote attackers to cause a denial of service, resulting in a service hang, via malformed packet fragments. This is due to an improper parameter size check.

Recommendations: For Microsoft Windows NT4, 2000, and XP with Sun Microsystems RPC library Services for Unix 3.0 Interix SD, consider restricting access to the RPC services to minimize the risk of exploitation until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1140

Affected Products

Windows 2000

Windows Nt4

Windows Xp

Sun Microsystems Rpc Library Services For Unix 3.0 Interix Sd

PT-2002-2139 · Sun Microsystems+1 · Sun Microsystems Rpc Library Services For Unix 3.0 Interix Sd+3

CVE-2002-1140

Related Identifiers

Affected Products

References · 4