Oval Definition:	oval:org.mitre.oval:def:15
Revision Date: 2010-09-20 Version: 18 Title: Solaris 8 CDE ToolTalk Database Null Write Vulnerability Description: CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2002-0677 Platform(s): Sun Solaris 8 Product(s): Common Desktop Environment Definition Synopsis Software section Solaris 8 Installed AND File rpc.ttdbserverd exists AND NOT Patch 110286-09 or later installed AND Configuration section inetd.conf contains rpc.ttdbserverd AND inetd running AND File rpc.ttdbserverd executable File rpc.ttdbserverd executable OR File rpc.ttdbserverd executable OR File rpc.ttdbserverd executable
BACK