// For flags

CVE-2017-8779

RPCBind / libtirpc - Denial of Service

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.

Rpcbind versión 0.2.4, LIBTIRPC versión 1.0.1 y versiones 1.0.2-rc a 1.0.2-rc3, y NTIRPC versión 1.4.3, no consideran el tamaño máximo de datos RPC durante la asignación de memoria para cadenas XDR, lo que permite a atacantes remotos causar una denegación de servicio (consumo de memoria sin liberación) a través de un paquete UDP manipulado enviado al puerto 111, también conocido como rpcbomb.

It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-05-04 CVE Reserved
  • 2017-05-04 CVE Published
  • 2024-08-04 EPSS Updated
  • 2024-08-05 CVE Updated
  • 2024-08-05 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-400: Uncontrolled Resource Consumption
  • CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Rpcbind Project
Search vendor "Rpcbind Project"
Rpcbind
Search vendor "Rpcbind Project" for product "Rpcbind"
<= 0.2.4
Search vendor "Rpcbind Project" for product "Rpcbind" and version " <= 0.2.4"
-
Affected
Libtirpc Project
Search vendor "Libtirpc Project"
Libtirpc
Search vendor "Libtirpc Project" for product "Libtirpc"
<= 1.0.1
Search vendor "Libtirpc Project" for product "Libtirpc" and version " <= 1.0.1"
-
Affected
Ntirpc Project
Search vendor "Ntirpc Project"
Ntirpc
Search vendor "Ntirpc Project" for product "Ntirpc"
<= 1.4.3
Search vendor "Ntirpc Project" for product "Ntirpc" and version " <= 1.4.3"
-
Affected