CVE-2002-0677
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
Summary
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 3 |
Application | | 1 |
OS | Sgi | 25 |
OS | | 1 |
OS | | 5 |
OS | | 5 |
OS | | 2 |
OS | | 4 |
Oval
- accepted: 2010-09-20T04:00:05.204-04:00
  - class: vulnerability
  - contributors:
    - name: Brian Soby, organization: The MITRE Corporation
    - name: Brian Soby, organization: The MITRE Corporation
    - name: Brian Soby, organization: The MITRE Corporation
    - name: Todd Dolinsky, organization: Opsware, Inc.
    - name: Jonathan Baker, organization: The MITRE Corporation
  - description: CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
  - family: unix
  - id: oval:org.mitre.oval:def:1099
  - status: accepted
  - submitted: 2004-10-15T12:00:00.000-04:00
  - title: Solaris 9 CDE ToolTalk Database Null Write Vulnerability
  - version: 39
- accepted: 2010-09-20T04:00:13.345-04:00
  - class: vulnerability
  - contributors:
    - name: David Proulx, organization: The MITRE Corporation
    - name: Todd Dolinsky, organization: Opsware, Inc.
    - name: Jonathan Baker, organization: The MITRE Corporation
  - description: CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
  - family: unix
  - id: oval:org.mitre.oval:def:15
  - status: accepted
  - submitted: 2003-01-31T12:00:00.000-04:00
  - title: Solaris 8 CDE ToolTalk Database Null Write Vulnerability
  - version: 37
- accepted: 2010-09-20T04:00:46.125-04:00
  - class: vulnerability
  - contributors:
    - name: David Proulx, organization: The MITRE Corporation
    - name: Todd Dolinsky, organization: Opsware, Inc.
    - name: Jonathan Baker, organization: The MITRE Corporation
  - description: CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
  - family: unix
  - id: oval:org.mitre.oval:def:91
  - status: accepted
  - submitted: 2003-01-31T12:00:00.000-04:00
  - title: Solaris 7 CDE ToolTalk Database Null Write Vulnerability
  - version: 37
References
- ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt
- ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P
- http://marc.info/?l=bugtraq&m=102635906423617&w=2
- http://www.cert.org/advisories/CA-2002-20.html
- http://www.kb.cert.org/vuls/id/975403
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91