Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability

Rpcbind is prone to a remote denial-of-service vulnerability.

Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users.

Rpcbind 0.2.4 and prior versions are vulnerable.

Information

Bugtraq ID: 98325
Class: Design Error
CVE: CVE-2017-8779

Remote: Yes
Local: No
Published: May 03 2017 12:00AM
Updated: May 05 2017 06:06PM
Credit: Guido Vranken
Vulnerable: RPCBind RPCBind 0.2.4
RPCBind RPCBind 0.2
Redhat Gluster Storage 3.0
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Ceph Storage 2
NTIRPC NTIRPC 1.4.3
NTIRPC NTIRPC 1.4
libtirpc libtirpc 1.0.1
libtirpc libtirpc 0.1.7
libtirpc libtirpc 1.0.2-rc3
libtirpc libtirpc 1.0.2-rc
libtirpc libtirpc 0.2.3

Not Vulnerable:

Exploit

The researcher has created an exploit code to demonstrate the issue. Please see the references for more information.

References:

• guidovranken/rpcbomb (guidovranken)
  
• guidovranken/rpcbomb (guidovranken)
  
• RPCBind Homepage (RPCBind)
  
• Bug 1448124 - (CVE-2017-8779) CVE-2017-8779 libtirpc, libntirpc: Memory leak wh (bugzilla)
  
• rpcbomb: remote rpcbind denial-of-service + patches (Guido Vranken)
  

Source: www.securityfocus.com