Definition


New Search

AIX rpc.pcnfsd integer overflow vulnerability.

oval:org.mitre.oval:def:12103

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1 5.3 and earlier; IBM VIOS 2.1 1.5 and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11 B.11.23 and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • IBM AIX 6.1
  • IBM AIX 5.3
Class:
vulnerability
Reference(s):
  • CVE-2010-1039
Product(s):