fkie_nvd - fkie_cve-2002-0677

fkie_cve-2002-0677

Vulnerability from fkie_nvd

Published

2002-07-23 04:00

Modified

2024-11-20 23:39

Severity ?

Summary

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

References

URL	Tags
cve@mitre.org	ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P
cve@mitre.org	http://marc.info/?l=bugtraq&m=102635906423617&w=2
cve@mitre.org	http://www.cert.org/advisories/CA-2002-20.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.kb.cert.org/vuls/id/975403	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=102635906423617&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-20.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/975403	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91

Impacted products

Vendor	Product	Version
caldera	unixware	7
caldera	unixware	7.1.1
caldera	unixware	7.1_.0
xi_graphics	dextop	2.1
sgi	irix	5.2
sgi	irix	5.3
sgi	irix	6.0
sgi	irix	6.0.1
sgi	irix	6.1
sgi	irix	6.2
sgi	irix	6.3
sgi	irix	6.4
sgi	irix	6.5
sgi	irix	6.5.1
sgi	irix	6.5.2
sgi	irix	6.5.3
sgi	irix	6.5.4
sgi	irix	6.5.5
sgi	irix	6.5.6
sgi	irix	6.5.7
sgi	irix	6.5.8
sgi	irix	6.5.9
sgi	irix	6.5.10
sgi	irix	6.5.11
sgi	irix	6.5.12
sgi	irix	6.5.13
sgi	irix	6.5.14
sgi	irix	6.5.15
sgi	irix	6.5.16
caldera	openunix	8.0
compaq	tru64	4.0f
compaq	tru64	4.0g
compaq	tru64	5.0a
compaq	tru64	5.1
compaq	tru64	5.1a
hp	hp-ux	10.10
hp	hp-ux	10.20
hp	hp-ux	10.24
hp	hp-ux	11.00
hp	hp-ux	11.11
ibm	aix	4.3.3
ibm	aix	5.1
sun	solaris	2.6
sun	sunos	5.5.1
sun	sunos	5.7
sun	sunos	5.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:caldera:unixware:7:*:*:*:*:*:*:*",
              "matchCriteriaId": "42AA34B0-4A86-4864-8C10-456DDD152989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9341A7B9-9087-4022-BA1C-254B0050FA88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:caldera:unixware:7.1_.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99D6418-D27D-45FC-B220-5DC85A22ABC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xi_graphics:dextop:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1691F6-D053-42AA-925E-14C43308A30B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E292DA15-91BF-4957-9C0F-A69518538BED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26144F94-63FD-4907-B548-09B68C2FC9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26309EFA-0991-46B6-9818-F0FBB902D5F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A81ED6-CE92-4C10-AA2B-AB9AF573D120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "966C1A13-8007-408D-96BE-0DA3BB6CA401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B24D34C-1F95-45C8-9A57-2D2622ED9019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13C07CC-F615-4F30-B532-4BF6F02F84DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:caldera:openunix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "979D9A9B-2A7E-40D4-846C-A195EC89CCEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2B5B59-B0CD-4F49-870B-F8F8BE902965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "75546AD4-15DD-45FD-AFFB-8A59CB8D401C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C85EF72-0F04-4705-9BED-C921F5FB7860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E296E409-EF32-48FC-88CB-C38C7CF4A239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9413090-D930-49DB-B7ED-7035C717B821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure."
    },
    {
      "lang": "es",
      "value": "El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al  procedimiento AUTH_UNIX, que es usado como \u00edndice de tabla en el procedimiento _TT_ISCLOSE."
    }
  ],
  "id": "CVE-2002-0677",
  "lastModified": "2024-11-20T23:39:37.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-07-23T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-20.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/975403"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-20.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/975403"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2002-0677

Vulnerability from cvelistv5

Published

2002-07-12 04:00

Modified

2024-08-08 02:56