Vulnerabilities > CVE-2002-0679
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 | |
| Application | 1 | |
| OS | 1 | |
| OS | 5 | |
| OS | 5 | |
| OS | 2 | |
| OS | 5 |
Oval
accepted 2010-09-20T04:00:17.742-04:00 class vulnerability contributors name David Proulx organization The MITRE Corporation name Todd Dolinsky organization Opsware, Inc. name Jonathan Baker organization The MITRE Corporation
description Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. family unix id oval:org.mitre.oval:def:177 status accepted submitted 2003-01-29T12:00:00.000-04:00 title Solaris 7 CDE ToolTalk Database Heap Corruption Vulnerability version 37 accepted 2010-09-20T04:00:18.506-04:00 class vulnerability contributors name David Proulx organization The MITRE Corporation name Todd Dolinsky organization Opsware, Inc. name Jonathan Baker organization The MITRE Corporation
description Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. family unix id oval:org.mitre.oval:def:192 status accepted submitted 2003-01-29T12:00:00.000-04:00 title Solaris 8 CDE ToolTalk Database Heap Corruption Vulnerability version 37
References
- http://marc.info/?l=bugtraq&m=102917002523536&w=2
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity
- http://www.cert.org/advisories/CA-2002-26.html
- http://www.iss.net/security_center/static/9822.php
- http://www.kb.cert.org/vuls/id/387387
- http://www.securityfocus.com/bid/5444
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY32792&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY32793&apar=only
- http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192