| Revision Date: | 2010-09-20 | Version: | 18 |
| Title: | Solaris 7 CDE ToolTalk Database Symbolic Link Vulnerability |
| Description: | CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2002-0678
|
| Platform(s): | Sun Solaris 7
| Product(s): | Common Desktop Environment
|
| Definition Synopsis |
| Software section Solaris 7 Installed
AND File rpc.ttdbserverd exists
AND NOT Patch 107893-19 or later installed
AND Configuration section
inetd.conf contains rpc.ttdbserverd
AND inetd running
AND File rpc.ttdbserverd executable
File rpc.ttdbserverd executable
OR File rpc.ttdbserverd executable
OR File rpc.ttdbserverd executable
|