Vulnerability Name:

CVE-2002-0679 (CCN-9822)

Assigned:2002-08-12
Published:2002-08-12
Updated:2018-10-30
Summary:Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2002-SCO.28.1
REVISED: rpc.ttdbserverd file creation/deletion and buffer overflow vulnerabilities

Source: CCN
Type: Compaq SECURITY BULLETIN SRB0039W
HP Tru64 UNIX - Potential Buffer Overflows & SSRT2229 Potential Denial of Service

Source: MITRE
Type: CNA
CVE-2002-0679

Source: BUGTRAQ
Type: UNKNOWN
20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database

Source: CCN
Type: Sun Alert ID: 46366
Buffer Overflow in the ToolTalk Library

Source: CONFIRM
Type: UNKNOWN
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity

Source: AIXAPAR
Type: UNKNOWN
IY32792

Source: AIXAPAR
Type: UNKNOWN
IY32793

Source: CCN
Type: CERT Advisory CA-2002-26
Buffer Overflow in CDE ToolTalk

Source: CERT
Type: US Government Resource
CA-2002-26

Source: CCN
Type: CIAC Information Bulletin M-109
Common Desktop Environment (CDE) ToolTalk Buffer Overflow

Source: CCN
Type: Entercept Security Alert 12-Aug-2002
Multi-Vendor Remote Buffer Overflow Vulnerability in CDE ToolTalk Database Server

Source: XF
Type: UNKNOWN
tooltalk-ttdbserverd-ttcreatefile-bo(9822)

Source: CCN
Type: US-CERT VU#387387
Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) vulnerable to buffer overflow via _TT_CREATE_FILE()

Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#387387

Source: CCN
Type: OSVDB ID: 4506
CDE ToolTalk rpc.ttdbserverd _TT_CREATE_FILE Procedure Arbitrary Command Execution

Source: BID
Type: UNKNOWN
5444

Source: CCN
Type: BID-5444
Multiple Vendor CDE ToolTalk Database Server Heap Corruption Vulnerability

Source: HP
Type: UNKNOWN
HPSBUX0207-199

Source: XF
Type: UNKNOWN
tooltalk-ttdbserverd-ttcreatefile-bo(9822)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:177

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:192

Vulnerable Configuration:Configuration 1:
  • cpe:/a:caldera:unixware:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:caldera:unixware:7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:xi_graphics:dextop:2.1:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:caldera:openunix:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:177
    V
    Solaris 7 CDE ToolTalk Database Heap Corruption Vulnerability
    2010-09-20
    oval:org.mitre.oval:def:192
    V
    Solaris 8 CDE ToolTalk Database Heap Corruption Vulnerability
    2010-09-20
    BACK
    caldera unixware 7.0
    caldera unixware 7.1.0
    caldera unixware 7.1.1
    xi_graphics dextop 2.1
    caldera openunix 8.0
    compaq tru64 4.0f
    compaq tru64 4.0g
    compaq tru64 5.0a
    compaq tru64 5.1
    compaq tru64 5.1a
    hp hp-ux 10.10
    hp hp-ux 10.20
    hp hp-ux 10.24
    hp hp-ux 11.00
    hp hp-ux 11.11
    ibm aix 4.3.3
    ibm aix 5.1
    sun solaris 2.6
    sun solaris 9.0
    sun sunos 5.5.1
    sun sunos 5.7
    sun sunos 5.8
    sun solaris 2.5.1
    sun solaris 2.6
    compaq tru64 4.0f
    sun solaris 8
    compaq tru64 4.0g
    ibm aix 5.1
    compaq tru64 5.0a
    compaq tru64 5.1
    compaq tru64 5.1a
    ibm aix 4.3.3
    sun solaris 9
    sun solaris 7.0