ID CVE-2002-0679
Summary Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
References
Vulnerable Configurations
  • cpe:2.3:a:caldera:unixware:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:caldera:unixware:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:caldera:unixware:7.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:caldera:unixware:7.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xi_graphics:dextop:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:xi_graphics:dextop:2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:caldera:openunix:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:caldera:openunix:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
    cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*
    cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*
    cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*
    cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*
    cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
    cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 30-10-2018 - 16:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2010-09-20T04:00:17.742-04:00
    class vulnerability
    contributors
    • name David Proulx
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    description Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
    family unix
    id oval:org.mitre.oval:def:177
    status accepted
    submitted 2003-01-29T12:00:00.000-04:00
    title Solaris 7 CDE ToolTalk Database Heap Corruption Vulnerability
    version 33
  • accepted 2010-09-20T04:00:18.506-04:00
    class vulnerability
    contributors
    • name David Proulx
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    description Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
    family unix
    id oval:org.mitre.oval:def:192
    status accepted
    submitted 2003-01-29T12:00:00.000-04:00
    title Solaris 8 CDE ToolTalk Database Heap Corruption Vulnerability
    version 33
refmap via4
aixapar
  • IY32792
  • IY32793
bid 5444
bugtraq 20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database
caldera CSSA-2002-SCO.28.1
cert CA-2002-26
cert-vn VU#387387
compaq SSRT2274
confirm http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity
hp HPSBUX0207-199
xf tooltalk-ttdbserverd-ttcreatefile-bo(9822)
Last major update 30-10-2018 - 16:26
Published 05-09-2002 - 04:00
Back to Top