Gentoo Linux Security Advisory 201611-17 - A buffer overflow in RPCBind might allow remote attackers to cause a Denial of Service. Versions less than 0.2.3-r1 are affected.
afd05a0c233637b1e7809dcbcc7edbb1b672dd4a08a6ed63f1e333c2983b0d87
Red Hat Security Advisory 2016-0005-01 - The rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote attacker could possibly exploit this flaw to crash the rpcbind service by performing a series of UDP and TCP calls. All rpcbind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the rpcbind service is running, it will be automatically restarted after installing this update.
ba77d1ef8f14f6a9cc7ef813be30ad166ae7d317dfe5cfad13ef388020ea8b53
Ubuntu Security Notice 2756-1 - It was discovered that rpcbind incorrectly handled certain memory structures. A remote attacker could use this issue to cause rpcbind to crash, resulting in a denial of service, or possibly execute arbitrary code.
cdcff91e5e16c758d27403bf9780a6aff9cdbee68ff06393dc5e465dcfb25915
FreeBSD Security Advisory - In rpcbind(8), netbuf structures are copied directly, which would result in two netbuf structures that reference to one shared address buffer. When one of the two netbuf structures is freed, access to the other netbuf structure would result in an undefined result that may crash the rpcbind(8) daemon. A remote attacker who can send specifically crafted packets to the rpcbind(8) daemon can cause it to crash, resulting in a denial of service condition.
3878ab5590562a5fd5ca50aa28fff88a0aafae68e4b7788d01ccb77fe3e7103d
Debian Linux Security Advisory 3366-1 - A remotely triggerable use-after-free vulnerability was found in rpcbind, a server that converts RPC program numbers into universal addresses. A remote attacker can take advantage of this flaw to mount a denial of service (rpcbind crash).
98be0a92a93f054d0e77b6763c292f565ae1d55068b02c508f3de091e937e53d