CVE-2002-0678

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-0678
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt
ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P
http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
http://marc.info/?l=bugtraq&m=102635906423617&w=2
http://www.cert.org/advisories/CA-2002-20.html Patch Third Party Advisory US Government Resource
http://www.iss.net/security_center/static/9527.php
http://www.kb.cert.org/vuls/id/299816 Patch Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/5083
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt
ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P
http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
http://marc.info/?l=bugtraq&m=102635906423617&w=2
http://www.cert.org/advisories/CA-2002-20.html Patch Third Party Advisory US Government Resource
http://www.iss.net/security_center/static/9527.php
http://www.kb.cert.org/vuls/id/299816 Patch Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/5083
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:caldera:unixware:7.0:*:*:*:*:*:*:*
cpe:2.3:a:caldera:unixware:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:xi_graphics:dextop:2.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:caldera:openunix:8.0:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
History

20 Nov 2024, 23:39

Type Values Removed Values Added
References () ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt - () ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt -
References () ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P - () ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P -
References () http://archives.neohapsis.com/archives/aix/2002-q3/0002.html - () http://archives.neohapsis.com/archives/aix/2002-q3/0002.html -
References () http://marc.info/?l=bugtraq&m=102635906423617&w=2 - () http://marc.info/?l=bugtraq&m=102635906423617&w=2 -
References () http://www.cert.org/advisories/CA-2002-20.html - Patch, Third Party Advisory, US Government Resource () http://www.cert.org/advisories/CA-2002-20.html - Patch, Third Party Advisory, US Government Resource
References () http://www.iss.net/security_center/static/9527.php - () http://www.iss.net/security_center/static/9527.php -
References () http://www.kb.cert.org/vuls/id/299816 - Patch, Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/299816 - Patch, Third Party Advisory, US Government Resource
References () http://www.securityfocus.com/bid/5083 - () http://www.securityfocus.com/bid/5083 -
References () http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199 - () http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80 -
Information

Published : 2002-07-23 04:00

Updated : 2024-11-20 23:39

NVD link : CVE-2002-0678

Mitre link : CVE-2002-0678

CVE.ORG link : CVE-2002-0678

JSON object : View

Products Affected

sun

  • sunos
  • solaris

caldera

  • openunix
  • unixware

sgi

  • irix

xi_graphics

  • dextop

ibm

  • aix

compaq

  • tru64

hp

  • hp-ux
CWE
NVD-CWE-Other