Juniper Networks, Inc. Information for VU#192995
Integer overflow in xdr_array() function when deserializing the XDR stream
- Vendor Information Help Date Notified: 30 Jul 2002
- Statement Date:
- Date Updated: 01 Aug 2002
The Juniper Networks SDX-300 Service Deployment System (SSC) does use XDR for communication with an ERX edge router, but does not make use of the Sun RPC libraries. The SDX-300 product is not vulnerable to the Sun RPC XDR buffer overflow as outlined in this CERT advisory.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.