CVE-2002-1265

To: debian-glibc@lists.debian.org
Subject: CVE-2002-1265
From: Djoume SALVETTI <salvetti@crans.org>
Date: Mon, 22 Nov 2004 15:39:47 +0100
Message-id: <[🔎] 20041122143946.GF32239@krepost.taket.org>

Good day,

In CVE-2002-1265 said :

| The Sun RPC functionality in multiple libc implementations does not
| provide a time-out mechanism when reading data from TCP connections,
| which allows remote attackers to cause a denial of service (hang).

According to http://www.securityfocus.com/bid/6103/info/
Debian glibc has been vulnerable to this.

I have search throw changelogs (both Debian and upstream) but I can't
find any reference to this problem. This seems to be another problem
than CAN-2003-10 "Integer overflow in Sun RPC XDR library routines"
mention in bug #185508

Does anybody know which version fix this?

Regards.
-- 
Djoumé SALVETTI

Reply to:

Prev by Date: Bug#282128: please refer to other locale manpages
Next by Date: Bug#279680: Housekeeping
Previous by thread: Processed: Re: Bug#282091: libc6: pthread_exit called in main exits the whole process even if other threads are running
Next by thread: Bug#279680: Housekeeping
Index(es):
- Date
- Thread