Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0679

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-0679
Last Modified 10 Sep 2008 03:12:41
Published 05 Sep 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0679

Summary

Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

Vulnerable Systems

Operating System

  • Caldera Openunix 8.0

  • Compaq Tru64 4.0f

  • Compaq Tru64 4.0g

  • Compaq Tru64 5.0a

  • Compaq Tru64 5.1

  • Compaq Tru64 5.1a

  • Hp-ux 10.10

  • Hp-ux 10.20

  • Hp-ux 10.24

  • Hp-ux 11.00

  • Hp-ux 11.11

  • Ibm Aix 4.3.3

  • Ibm Aix 5.1

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0

Application

  • Caldera Unixware 7.0

  • Caldera Unixware 7.1.0

  • Caldera Unixware 7.1.1

  • Xi Graphics Dextop 2.1


References

CERT-VN - VU#387387

CERT - CA-2002-26

BUGTRAQ - 20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database

HP - HPSBUX0207-199

BID - 5444

XF - tooltalk-ttdbserverd-ttcreatefile-bo(9822)

AIXAPAR - IY32793

AIXAPAR - IY32792

CONFIRM - http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity


Last Updated: 27 May 2016 10:37:02