Vulnerabilities > CVE-1999-0003

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
tritreal
sgi
hp
ibm
sun
critical
nessus
exploit available
NVD
Published: 1998-04-01
Updated: 2018-10-30

Summary

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

Vulnerable Configurations

Part Description Count
Application
Tritreal
1
OS
Sgi
7
OS
Hp
4
OS
Ibm
9
OS
Sun
10

Exploit-Db

  • descriptionXi Graphics Maximum CDE 1.2.3,TriTeal TED CDE 4.3,Sun Solaris 2.5.1 ToolTalk RPC Service Overflow Vulnerability (2). CVE-1999-0003. Remote exploit for unix p...
    idEDB-ID:19102
    last seen2016-02-02
    modified1998-08-31
    published1998-08-31
    reporterNAI research team
    sourcehttps://www.exploit-db.com/download/19102/
    titleXi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris <= 2.5.1 - ToolTalk RPC Service Overflow Vulnerability 2
  • descriptionXi Graphics Maximum CDE 1.2.3,TriTeal TED CDE 4.3,Sun Solaris 2.5.1 ToolTalk RPC Service Overflow Vulnerability (1). CVE-1999-0003. Remote exploit for unix p...
    idEDB-ID:19101
    last seen2016-02-02
    modified1998-08-31
    published1998-08-31
    reporterNAI research team
    sourcehttps://www.exploit-db.com/download/19101/
    titleXi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris <= 2.5.1 - ToolTalk RPC Service Overflow Vulnerability 1

Nessus

NASL familyRPC
NASL idRPC_TOOLTALK.NASL
descriptionThe tooltalk RPC service is running. A possible implementation fault in the ToolTalk object database server may allow an attacker to execute arbitrary commands as root. *** This warning may be a false positive since the presence of this *** vulnerability is only accurately identified with local access.
last seen2020-06-01
modified2020-06-02
plugin id10239
published1999-08-22
reporterThis script is Copyright (C) 1999-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/10239
titleCDE RPC tooltalk Service Multiple Overflows

References