Lucene search

MitreCVE-2002-0677

HistoryJul 23, 2002 - 4:00 a.m.

CVE-2002-0677

2002-07-2304:00:00

mitre

web.nvd.nist.gov

cve

cde

tooltalk

ttdbserver

remote attackers

memory overwrite

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.008

Percentile

81.6%

JSON

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

Affected configurations

Nvd

Node

calderaunixwareMatch7

calderaunixwareMatch7.1.1

calderaunixwareMatch7.1_.0

xi_graphicsdextopMatch2.1

sgiirixMatch5.2

sgiirixMatch5.3

sgiirixMatch6.0

sgiirixMatch6.0.1

sgiirixMatch6.1

sgiirixMatch6.2

sgiirixMatch6.3

sgiirixMatch6.4

sgiirixMatch6.5

sgiirixMatch6.5.1

sgiirixMatch6.5.2

sgiirixMatch6.5.3

sgiirixMatch6.5.4

sgiirixMatch6.5.5

sgiirixMatch6.5.6

sgiirixMatch6.5.7

sgiirixMatch6.5.8

sgiirixMatch6.5.9

sgiirixMatch6.5.10

sgiirixMatch6.5.11

sgiirixMatch6.5.12

sgiirixMatch6.5.13

sgiirixMatch6.5.14

sgiirixMatch6.5.15

sgiirixMatch6.5.16

Node

calderaopenunixMatch8.0

compaqtru64Match4.0f

compaqtru64Match4.0g

compaqtru64Match5.0a

compaqtru64Match5.1

compaqtru64Match5.1a

hphp-uxMatch10.10

hphp-uxMatch10.20

hphp-uxMatch10.24

hphp-uxMatch11.00

hphp-uxMatch11.11

ibmaixMatch4.3.3

ibmaixMatch5.1

sunsolarisMatch2.6

sunsunosMatch5.5.1

sunsunosMatch5.7

sunsunosMatch5.8

VendorProductVersionCPE
calderaunixware7cpe:2.3:a:caldera:unixware:7:*:*:*:*:*:*:*
calderaunixware7.1.1cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
calderaunixware7.1_.0cpe:2.3:a:caldera:unixware:7.1_.0:*:*:*:*:*:*:*
xi_graphicsdextop2.1cpe:2.3:a:xi_graphics:dextop:2.1:*:*:*:*:*:*:*
sgiirix5.2cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*
sgiirix5.3cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*
sgiirix6.0cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*
sgiirix6.0.1cpe:2.3:o:sgi:irix:6.0.1:*:*:*:*:*:*:*
sgiirix6.1cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*
sgiirix6.2cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
caldera	unixware	7	cpe:2.3:a:caldera:unixware:7:::::::*
caldera	unixware	7.1.1	cpe:2.3:a:caldera:unixware:7.1.1:::::::*
caldera	unixware	7.1_.0	cpe:2.3:a:caldera:unixware:7.1_.0:::::::*
xi_graphics	dextop	2.1	cpe:2.3:a:xi_graphics:dextop:2.1:::::::*
sgi	irix	5.2	cpe:2.3:o:sgi:irix:5.2:::::::*
sgi	irix	5.3	cpe:2.3:o:sgi:irix:5.3:::::::*
sgi	irix	6.0	cpe:2.3:o:sgi:irix:6.0:::::::*
sgi	irix	6.0.1	cpe:2.3:o:sgi:irix:6.0.1:::::::*
sgi	irix	6.1	cpe:2.3:o:sgi:irix:6.1:::::::*
sgi	irix	6.2	cpe:2.3:o:sgi:irix:6.2:::::::*

Rows per page:

1-10 of 461

References

ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt

ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P

marc.info/?l=bugtraq&m=102635906423617&w=2

www.cert.org/advisories/CA-2002-20.html

www.kb.cert.org/vuls/id/975403

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.008

Percentile

81.6%

JSON

Related for CVE-2002-0677