Vulnerability Name:
CVE-2002-0679 (CCN-9822)
Assigned:
2002-08-12
Published:
2002-08-12
Updated:
2018-10-30
Summary:
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
CVSS v3 Severity:
10.0 Critical
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Changed
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
10.0 High
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
10.0 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Access
References:
Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2002-SCO.28.1
REVISED: rpc.ttdbserverd file creation/deletion and buffer overflow vulnerabilities
Source: CCN
Type: Compaq SECURITY BULLETIN SRB0039W
HP Tru64 UNIX - Potential Buffer Overflows & SSRT2229 Potential Denial of Service
Source: MITRE
Type: CNA
CVE-2002-0679
Source: BUGTRAQ
Type: UNKNOWN
20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database
Source: CCN
Type: Sun Alert ID: 46366
Buffer Overflow in the ToolTalk Library
Source: CONFIRM
Type: UNKNOWN
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity
Source: AIXAPAR
Type: UNKNOWN
IY32792
Source: AIXAPAR
Type: UNKNOWN
IY32793
Source: CCN
Type: CERT Advisory CA-2002-26
Buffer Overflow in CDE ToolTalk
Source: CERT
Type: US Government Resource
CA-2002-26
Source: CCN
Type: CIAC Information Bulletin M-109
Common Desktop Environment (CDE) ToolTalk Buffer Overflow
Source: CCN
Type: Entercept Security Alert 12-Aug-2002
Multi-Vendor Remote Buffer Overflow Vulnerability in CDE ToolTalk Database Server
Source: XF
Type: UNKNOWN
tooltalk-ttdbserverd-ttcreatefile-bo(9822)
Source: CCN
Type: US-CERT VU#387387
Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) vulnerable to buffer overflow via _TT_CREATE_FILE()
Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#387387
Source: CCN
Type: OSVDB ID: 4506
CDE ToolTalk rpc.ttdbserverd _TT_CREATE_FILE Procedure Arbitrary Command Execution
Source: BID
Type: UNKNOWN
5444
Source: CCN
Type: BID-5444
Multiple Vendor CDE ToolTalk Database Server Heap Corruption Vulnerability
Source: HP
Type: UNKNOWN
HPSBUX0207-199
Source: XF
Type: UNKNOWN
tooltalk-ttdbserverd-ttcreatefile-bo(9822)
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:177
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:192
Vulnerable Configuration:
Configuration 1
:
cpe:/a:caldera:unixware:7.0:*:*:*:*:*:*:*
OR
cpe:/a:caldera:unixware:7.1.0:*:*:*:*:*:*:*
OR
cpe:/a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
OR
cpe:/a:xi_graphics:dextop:2.1:*:*:*:*:*:*:*
Configuration 2
:
cpe:/o:caldera:openunix:8.0:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:9.0:*:sparc:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
Denotes that component is vulnerable
Oval Definitions
Definition ID
Class
Title
Last Modified
oval:org.mitre.oval:def:177
V
Solaris 7 CDE ToolTalk Database Heap Corruption Vulnerability
2010-09-20
oval:org.mitre.oval:def:192
V
Solaris 8 CDE ToolTalk Database Heap Corruption Vulnerability
2010-09-20
BACK
caldera
unixware 7.0
caldera
unixware 7.1.0
caldera
unixware 7.1.1
xi_graphics
dextop 2.1
caldera
openunix 8.0
compaq
tru64 4.0f
compaq
tru64 4.0g
compaq
tru64 5.0a
compaq
tru64 5.1
compaq
tru64 5.1a
hp
hp-ux 10.10
hp
hp-ux 10.20
hp
hp-ux 10.24
hp
hp-ux 11.00
hp
hp-ux 11.11
ibm
aix 4.3.3
ibm
aix 5.1
sun
solaris 2.6
sun
solaris 9.0
sun
sunos 5.5.1
sun
sunos 5.7
sun
sunos 5.8
sun
solaris 2.5.1
sun
solaris 2.6
compaq
tru64 4.0f
sun
solaris 8
compaq
tru64 4.0g
ibm
aix 5.1
compaq
tru64 5.0a
compaq
tru64 5.1
compaq
tru64 5.1a
ibm
aix 4.3.3
sun
solaris 9
sun
solaris 7.0