Vulnerability Name:

CVE-1999-0003 (CCN-1408)

Assigned:1998-04-01
Published:1998-04-01
Updated:2018-10-30
Summary:Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: SGI Security Advisory 19981101-01-A
Vulnerability in ToolTalk RPC Service

Source: SGI
Type: UNKNOWN
19981101-01-A

Source: CCN
Type: SGI Security Advisory 19981101-01-PX
Vulnerability in ToolTalk RPC Service

Source: SGI
Type: UNKNOWN
19981101-01-PX

Source: CCN
Type: SGI Security Advisory 20020302-01-A
Additional CDE and CDE ToolTalk Vulnerabilities

Source: CCN
Type: CIAC Information Bulletin I-090
HP-UX dtmail/rpc.ttdbserverd Vulnerability

Source: MITRE
Type: CNA
CVE-1999-0003

Source: CCN
Type: Network Associates, Inc. COVERT Labs Security Advisory #29, August 31, 1998
Stack Overflow in ToolTalk RPC Service

Source: CCN
Type: CERT Advisory CA-1998-11
Vulnerability in ToolTalk RPC Service

Source: CCN
Type: CERT Incident Note IN-1999-04
Similar Attacks Using Various RPC Services

Source: CCN
Type: OSVDB ID: 4505
CDE ToolTalk RPC Service Remote Overflow

Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX9808-084
Security Vulnerability in dtmail/rpc.ttdbserverd on HP-UX

Source: CCN
Type: SCO Security Web site
Security Fixes

Source: BID
Type: UNKNOWN
122

Source: CCN
Type: BID-122
Multiple Vendor ToolTalk RPC Service Overflow Vulnerability

Source: CCN
Type: FedCIRC Advisory FA-98.88
HP-UX dtmail/rpc.ttdbserverd Vulnerability

Source: XF
Type: UNKNOWN
tooltalk(1408)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:tritreal:ted_cde:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.4:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:hp:hp-ux:10.01:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.02:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.03:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.5:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:-:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.4:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.5:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • AND
  • cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
  • OR cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:*:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.4:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:4.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.30:*:*:*:*:*:*:*
  • OR cpe:/o:sco:unix:*:*:*:*:*:*:*:*
  • OR cpe:/o:sco:unixware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.5:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2.1.12:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    tritreal ted cde 4.3
    sgi irix 5.2
    sgi irix 5.3
    sgi irix 6.0
    sgi irix 6.1
    sgi irix 6.2
    sgi irix 6.3
    sgi irix 6.4
    hp hp-ux 10.01
    hp hp-ux 10.02
    hp hp-ux 10.03
    hp hp-ux 11.00
    ibm aix 4.1
    ibm aix 4.1.1
    ibm aix 4.1.2
    ibm aix 4.1.3
    ibm aix 4.1.4
    ibm aix 4.1.5
    ibm aix 4.2
    ibm aix 4.2.1
    ibm aix 4.3
    sun solaris 2.6
    sun sunos -
    sun sunos 4.1.3
    sun sunos 5.0
    sun sunos 5.1
    sun sunos 5.2
    sun sunos 5.3
    sun sunos 5.4
    sun sunos 5.5
    sun sunos 5.5.1
    hp hp-ux 10.20
    ibm aix *
    windriver bsdos *
    hp hp-ux *
    sgi irix *
    linux linux kernel *
    sun solaris *
    ibm aix 4.2.1
    data_general dg ux *
    sgi irix 5.3
    sgi irix 6.2
    sgi irix 6.3
    sgi irix 6.4
    sun solaris 2.3
    sun solaris 2.5.1
    sun sunos 4.1
    sun sunos 4.1.3
    sun solaris 2.6
    hp hp-ux 10.10
    hp hp-ux 11.00
    hp hp-ux 10.30
    sco unix *
    sco unixware 7.0.0
    ibm aix 4.3
    ibm aix 4.3.2
    compaq tru64 *
    ibm aix 4.3.3
    sun solaris 1.0
    ibm aix 4.3.1
    ibm aix 4.1.1
    ibm aix 4.1.2
    ibm aix 4.1.3
    ibm aix 4.1.4
    ibm aix 4.1.5
    ibm aix 4.2.0
    ibm aix 4.2.1.12