CVE-2010-2061

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
29/10/2019
Last modified:
21/11/2024

Description

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:rpcbind_project:rpcbind:0.2.0:*:*:*:*:*:*:*