Vulnerability Name:

CVE-2001-0717 (CCN-7069)

Assigned:2001-09-04
Published:2001-09-04
Updated:2017-10-10
Summary:Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: IBM AIX FTP site
FTP site

Source: CALDERA
Type: UNKNOWN
CSSA-2001-SCO.28

Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2001-SCO.28
Open UNIX, UnixWare 7: rpc.ttdbserverd format string vulnerability

Source: MITRE
Type: CNA
CVE-2001-0717

Source: COMPAQ
Type: UNKNOWN
SSRT0767U

Source: CCN
Type: Compaq Security Advisory SSRT0767U
Potential rpc.ttdbserverd buffer overflow

Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX0110-168
Sec. Vulnerability in rpc.ttbdserverd (rev.1)

Source: HP
Type: UNKNOWN
HPSBUX0110-168

Source: CCN
Type: SECTRACK ID: 1002479
ToolTalk Database Server Format String Flaw Lets Remote Users Gain Root Level Privileges on Several UNIX Operating System Platforms

Source: SECTRACK
Type: UNKNOWN
1002479

Source: SUN
Type: UNKNOWN
00212

Source: CCN
Type: Sun Microsystems, Inc. Security Bulletin #00212
rpc.ttdbserverd

Source: CCN
Type: Sun Microsystems Web site
Patches

Source: CCN
Type: CERT Advisory CA-2001-27
Format String Vulnerability in CDE ToolTalk

Source: CERT
Type: US Government Resource
CA-2001-27

Source: CCN
Type: CIAC Information Bulletin M-002
Multi-Vendor format String Vulnerability in ToolTalk Service

Source: CIAC
Type: UNKNOWN
M-002

Source: CCN
Type: Internet Security Systems Security Alert #98
Multi-Vendor Format String Vulnerability in ToolTalk Service

Source: CCN
Type: US-CERT VU#595507
Common Desktop Environment (CDE) ToolTalk RPC Server rpc.ttdbserverd contains format string vulnerability

Source: BID
Type: UNKNOWN
3382

Source: CCN
Type: BID-3382
Multiple CDE Vendor ToolTalk Database Server Format String Vulnerability

Source: CCN
Type: SGI Support Web site
Security

Source: ISS
Type: Patch, Vendor Advisory
20011002 Multi-Vendor Format String Vulnerability in ToolTalk Service

Source: XF
Type: UNKNOWN
tooltalk-ttdbserverd-format-string(7069)

Source: XF
Type: UNKNOWN
tooltalk-ttdbserverd-format-string(7069)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:tooltalk:tooltalk_database_server:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:sgi:irix:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.4:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:-:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.1.5:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    tooltalk tooltalk database server *
    sgi irix 5.2
    sgi irix 5.3
    sgi irix 6.1
    sgi irix 6.2
    sgi irix 6.3
    sgi irix 6.4
    sun solaris 2.6
    hp hp-ux 10.10
    hp hp-ux 11.00
    sgi irix 6.0
    hp hp-ux 10.20
    compaq tru64 4.0f
    ibm aix 4.3
    sun solaris 8
    compaq tru64 5.0
    hp hp-ux 11.11
    compaq tru64 4.0g
    ibm aix 5.1
    compaq tru64 5.0a
    compaq tru64 5.1
    compaq tru64 5.1a
    sun solaris 1.1
    sun solaris 1.2
    sun solaris 7.0
    ibm aix 4.1.1
    ibm aix 4.1.2
    ibm aix 4.1.3
    ibm aix 4.1.4
    ibm aix 4.1.5
    sun solaris 2.0