CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7236

Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.082

EPSS Ranking 91.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2015-7236

Rpcbind Project » Rpcbind » Version: 0.1.4

cpe:2.3:a:rpcbind_project:rpcbind:0.1.4
Rpcbind Project » Rpcbind » Version: 0.1.5

cpe:2.3:a:rpcbind_project:rpcbind:0.1.5
Rpcbind Project » Rpcbind » Version: 0.1.6

cpe:2.3:a:rpcbind_project:rpcbind:0.1.6
Rpcbind Project » Rpcbind » Version: 0.1.7

cpe:2.3:a:rpcbind_project:rpcbind:0.1.7
Rpcbind Project » Rpcbind » Version: 0.2.0

cpe:2.3:a:rpcbind_project:rpcbind:0.2.0
Rpcbind Project » Rpcbind » Version: 0.2.1

cpe:2.3:a:rpcbind_project:rpcbind:0.2.1
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 15.04

cpe:2.3:o:canonical:ubuntu_linux:15.04
Debian » Debian Linux » Version: 7.0

cpe:2.3:o:debian:debian_linux:7.0
Oracle » Solaris » Version: 10

cpe:2.3:o:oracle:solaris:10
Oracle » Solaris » Version: 11.3

cpe:2.3:o:oracle:solaris:11.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7236

Products

Pricing

Contact Us