CVE-2002-0679

Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

Score10.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2002-09-05 12:00:00.000-04
Last Modified2018-10-30 12:26:22.000-04

Vulnerable Software List

VendorProductVersions
Xi Graphics Dextop 2.1
Caldera Openunix 8.0
Caldera Unixware 7.0, 7.1.0, 7.1.1
Ibm Aix 4.3.3, 5.1
Hp Hp-ux 10.10, 10.20, 10.24, 11.00, 11.11
Sun Sunos 5.5.1, 5.7, 5.8
Sun Solaris 2.6, 9.0::sparc
Compaq Tru64 4.0f, 4.0g, 5.0a, 5.1, 5.1a

References

SourceLink
BUGTRAQ20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database
CONFIRMhttp://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity
CERTCA-2002-26
XFtooltalk-ttdbserverd-ttcreatefile-bo(9822)
CERT-VNVU#387387
BID5444
AIXAPARIY32792
AIXAPARIY32793
HPHPSBUX0207-199