Vulnerabilities > CVE-1999-0693

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
hp
ibm
sco
nessus
exploit available

Summary

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

Vulnerable Configurations

Part Description Count
OS
Hp
2
OS
Ibm
1
OS
Sco
1

Exploit-Db

descriptionTRU64/DIGITAL UNIX 4.0 d/f,AIX 4.3.2,Common Desktop Environment 2.1 20, IRIX 6.5.14,Solaris 7.0,SunOS 4.1.4 TTSession Buffer Overflow Vulnerability. CVE-1999...
idEDB-ID:19501
last seen2016-02-02
modified1999-09-13
published1999-09-13
reporterJob de Haas of ITSX
sourcehttps://www.exploit-db.com/download/19501/
titleDIGITAL UNIX 4.0 d/f,AIX <= 4.3.2,CDE <= 2.1,IRIX <= 6.5.14,Solaris <= 7.0,SunOS <= 4.1.4 BoF

Nessus

NASL familyRPC
NASL idRPC_TOOLTALK.NASL
descriptionThe tooltalk RPC service is running. A possible implementation fault in the ToolTalk object database server may allow an attacker to execute arbitrary commands as root. *** This warning may be a false positive since the presence of this *** vulnerability is only accurately identified with local access.
last seen2020-06-01
modified2020-06-02
plugin id10239
published1999-08-22
reporterThis script is Copyright (C) 1999-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/10239
titleCDE RPC tooltalk Service Multiple Overflows

Oval

accepted2005-03-09T07:56:00.000-04:00
classvulnerability
contributors
nameBrian Soby
organizationThe MITRE Corporation
descriptionBuffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
familyunix
idoval:org.mitre.oval:def:4374
statusaccepted
submitted2005-02-01T12:00:00.000-04:00
titleToolTalk Buffer Overflow via TT_SESSION Envvar
version34