VulniosVulnios
All Threat Alerts
criticalCVE Alert
CVE-2002-0391

Critical Vulnerability: CVE-2002-0391 — freebsd, openbsd — freebsd, openbsd

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Thursday, April 16, 2026freebsd, openbsdVulnios Threat Intelligence
Share:

Executive Summary

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Why It Matters

CVE-2002-0391 is rated CRITICAL severity, requiring immediate attention from security teams.

CVSS Base Score: 9.8/10

Affected Technologies

Vendors: freebsd, openbsd, sun, microsoft

Products: freebsd, openbsd, solaris, sunos, windows_2000, windows_nt, windows_xp

🛡️What Defenders Should Check

  • Check if you are affected — Review your asset inventory for products listed in CVE-2002-0391.
  • Apply available patches — Visit vendor advisories for the latest security updates.
  • Monitor for exploitation — Check your SIEM/IDS logs for related indicators.

    • Use Vulnios to continuously monitor your exposure to CVE-2002-0391 and similar vulnerabilities.

    References & Sources

  • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt
  • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc
  • ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A
  • ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P
  • http://archives.neohapsis.com/archives/aix/2002-q4/0002.html
  • http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html
  • http://archives.neohapsis.com/archives/hp/2002-q3/0077.html
  • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823
  • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515
  • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535

    • AI Security Advisor

    Powered by Gemini

    Get AI-powered security recommendations tailored to this specific threat — including risk assessment, detection guidance, MITRE ATT&CK mapping, and actionable remediation steps.

    Affected Products

    freebsdopenbsdsolarissunoswindows_2000windows_ntwindows_xp

    Sources

    critical

    Protect Your Organization

    Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.

    Get Started FreeFree Security ScanOSINT Dashboard

    Get instant alerts on Telegram

    Join our public channel for real-time critical CVE alerts.

    Follow @vulnios