CVE-2002-0677

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al procedimiento AUTH_UNIX, que es usado como índice de tabla en el procedimiento _TT_ISCLOSE.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2002-07-09 CVE Reserved
2002-07-12 CVE Published
2023-03-07 EPSS Updated
2024-08-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
http://marc.info/?l=bugtraq&m=102635906423617&w=2	Mailing List
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91	Signature

URL	Date	SRC

URL	Date	SRC
http://www.cert.org/advisories/CA-2002-20.html	2018-10-30
http://www.kb.cert.org/vuls/id/975403	2018-10-30

URL	Date	SRC
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt	2018-10-30
ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P	2018-10-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Caldera Search vendor "Caldera"		Unixware Search vendor "Caldera" for product "Unixware"				7 Search vendor "Caldera" for product "Unixware" and version "7"		-		Affected
Caldera Search vendor "Caldera"		Unixware Search vendor "Caldera" for product "Unixware"				7.1.1 Search vendor "Caldera" for product "Unixware" and version "7.1.1"		-		Affected
Caldera Search vendor "Caldera"		Unixware Search vendor "Caldera" for product "Unixware"				7.1_.0 Search vendor "Caldera" for product "Unixware" and version "7.1_.0"		-		Affected
Xi Graphics Search vendor "Xi Graphics"		Dextop Search vendor "Xi Graphics" for product "Dextop"				2.1 Search vendor "Xi Graphics" for product "Dextop" and version "2.1"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				5.2 Search vendor "Sgi" for product "Irix" and version "5.2"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				5.3 Search vendor "Sgi" for product "Irix" and version "5.3"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.0 Search vendor "Sgi" for product "Irix" and version "6.0"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.0.1 Search vendor "Sgi" for product "Irix" and version "6.0.1"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.1 Search vendor "Sgi" for product "Irix" and version "6.1"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.2 Search vendor "Sgi" for product "Irix" and version "6.2"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.3 Search vendor "Sgi" for product "Irix" and version "6.3"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.4 Search vendor "Sgi" for product "Irix" and version "6.4"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5 Search vendor "Sgi" for product "Irix" and version "6.5"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.1 Search vendor "Sgi" for product "Irix" and version "6.5.1"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.2 Search vendor "Sgi" for product "Irix" and version "6.5.2"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.3 Search vendor "Sgi" for product "Irix" and version "6.5.3"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.4 Search vendor "Sgi" for product "Irix" and version "6.5.4"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.5 Search vendor "Sgi" for product "Irix" and version "6.5.5"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.6 Search vendor "Sgi" for product "Irix" and version "6.5.6"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.7 Search vendor "Sgi" for product "Irix" and version "6.5.7"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.8 Search vendor "Sgi" for product "Irix" and version "6.5.8"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.9 Search vendor "Sgi" for product "Irix" and version "6.5.9"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.10 Search vendor "Sgi" for product "Irix" and version "6.5.10"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.11 Search vendor "Sgi" for product "Irix" and version "6.5.11"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.12 Search vendor "Sgi" for product "Irix" and version "6.5.12"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.13 Search vendor "Sgi" for product "Irix" and version "6.5.13"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.14 Search vendor "Sgi" for product "Irix" and version "6.5.14"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.15 Search vendor "Sgi" for product "Irix" and version "6.5.15"		-		Affected
Sgi Search vendor "Sgi"		Irix Search vendor "Sgi" for product "Irix"				6.5.16 Search vendor "Sgi" for product "Irix" and version "6.5.16"		-		Affected
Caldera Search vendor "Caldera"		Openunix Search vendor "Caldera" for product "Openunix"				8.0 Search vendor "Caldera" for product "Openunix" and version "8.0"		-		Affected
Compaq Search vendor "Compaq"		Tru64 Search vendor "Compaq" for product "Tru64"				4.0f Search vendor "Compaq" for product "Tru64" and version "4.0f"		-		Affected
Compaq Search vendor "Compaq"		Tru64 Search vendor "Compaq" for product "Tru64"				4.0g Search vendor "Compaq" for product "Tru64" and version "4.0g"		-		Affected
Compaq Search vendor "Compaq"		Tru64 Search vendor "Compaq" for product "Tru64"				5.0a Search vendor "Compaq" for product "Tru64" and version "5.0a"		-		Affected
Compaq Search vendor "Compaq"		Tru64 Search vendor "Compaq" for product "Tru64"				5.1 Search vendor "Compaq" for product "Tru64" and version "5.1"		-		Affected
Compaq Search vendor "Compaq"		Tru64 Search vendor "Compaq" for product "Tru64"				5.1a Search vendor "Compaq" for product "Tru64" and version "5.1a"		-		Affected
Hp Search vendor "Hp"		Hp-ux Search vendor "Hp" for product "Hp-ux"				10.10 Search vendor "Hp" for product "Hp-ux" and version "10.10"		-		Affected
Hp Search vendor "Hp"		Hp-ux Search vendor "Hp" for product "Hp-ux"				10.20 Search vendor "Hp" for product "Hp-ux" and version "10.20"		-		Affected
Hp Search vendor "Hp"		Hp-ux Search vendor "Hp" for product "Hp-ux"				10.24 Search vendor "Hp" for product "Hp-ux" and version "10.24"		-		Affected
Hp Search vendor "Hp"		Hp-ux Search vendor "Hp" for product "Hp-ux"				11.00 Search vendor "Hp" for product "Hp-ux" and version "11.00"		-		Affected
Hp Search vendor "Hp"		Hp-ux Search vendor "Hp" for product "Hp-ux"				11.11 Search vendor "Hp" for product "Hp-ux" and version "11.11"		-		Affected
Ibm Search vendor "Ibm"		Aix Search vendor "Ibm" for product "Aix"				4.3.3 Search vendor "Ibm" for product "Aix" and version "4.3.3"		-		Affected
Ibm Search vendor "Ibm"		Aix Search vendor "Ibm" for product "Aix"				5.1 Search vendor "Ibm" for product "Aix" and version "5.1"		-		Affected
Sun Search vendor "Sun"		Solaris Search vendor "Sun" for product "Solaris"				2.6 Search vendor "Sun" for product "Solaris" and version "2.6"		-		Affected
Sun Search vendor "Sun"		Sunos Search vendor "Sun" for product "Sunos"				5.5.1 Search vendor "Sun" for product "Sunos" and version "5.5.1"		-		Affected
Sun Search vendor "Sun"		Sunos Search vendor "Sun" for product "Sunos"				5.7 Search vendor "Sun" for product "Sunos" and version "5.7"		-		Affected
Sun Search vendor "Sun"		Sunos Search vendor "Sun" for product "Sunos"				5.8 Search vendor "Sun" for product "Sunos" and version "5.8"		-		Affected