Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0677

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0677
Last Modified 10 Sep 2008 03:12:41
Published 23 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0677

Summary

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

Vulnerable Systems

Operating System

  • Caldera Openunix 8.0

  • Compaq Tru64 4.0f

  • Compaq Tru64 4.0g

  • Compaq Tru64 5.0a

  • Compaq Tru64 5.1

  • Compaq Tru64 5.1a

  • Hp-ux 10.10

  • Hp-ux 10.20

  • Hp-ux 10.24

  • Hp-ux 11.00

  • Hp-ux 11.11

  • Ibm Aix 4.3.3

  • Ibm Aix 5.1

  • Sgi Irix 5.2

  • Sgi Irix 5.3

  • Sgi Irix 6.0

  • Sgi Irix 6.0.1

  • Sgi Irix 6.1

  • Sgi Irix 6.2

  • Sgi Irix 6.3

  • Sgi Irix 6.4

  • Sgi Irix 6.5

  • Sgi Irix 6.5.1

  • Sgi Irix 6.5.10

  • Sgi Irix 6.5.11

  • Sgi Irix 6.5.12

  • Sgi Irix 6.5.13

  • Sgi Irix 6.5.14

  • Sgi Irix 6.5.15

  • Sgi Irix 6.5.16

  • Sgi Irix 6.5.2

  • Sgi Irix 6.5.3

  • Sgi Irix 6.5.4

  • Sgi Irix 6.5.5

  • Sgi Irix 6.5.6

  • Sgi Irix 6.5.7

  • Sgi Irix 6.5.8

  • Sgi Irix 6.5.9

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

Application

  • Caldera Unixware 7

  • Caldera Unixware 7.1 .0

  • Caldera Unixware 7.1.1

  • Xi Graphics Dextop 2.1


References

CERT-VN - VU#975403

CERT - CA-2002-20

BUGTRAQ - 20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server

CALDERA - CSSA-2002-SCO.28

SGI - 20021102-02-P


Last Updated: 27 May 2016 10:37:02