7.5

CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

Data is provided by the National Vulnerability Database (NVD)
CalderaUnixware Version7
CalderaUnixware Version7.1.1
CalderaUnixware Version7.1_.0
Xi GraphicsDextop Version2.1
SgiIrix Version5.2
SgiIrix Version5.3
SgiIrix Version6.0
SgiIrix Version6.0.1
SgiIrix Version6.1
SgiIrix Version6.2
SgiIrix Version6.3
SgiIrix Version6.4
SgiIrix Version6.5
SgiIrix Version6.5.1
SgiIrix Version6.5.2
SgiIrix Version6.5.3
SgiIrix Version6.5.4
SgiIrix Version6.5.5
SgiIrix Version6.5.6
SgiIrix Version6.5.7
SgiIrix Version6.5.8
SgiIrix Version6.5.9
SgiIrix Version6.5.10
SgiIrix Version6.5.11
SgiIrix Version6.5.12
SgiIrix Version6.5.13
SgiIrix Version6.5.14
SgiIrix Version6.5.15
SgiIrix Version6.5.16
CalderaOpenunix Version8.0
CompaqTru64 Version4.0f
CompaqTru64 Version4.0g
CompaqTru64 Version5.0a
CompaqTru64 Version5.1
CompaqTru64 Version5.1a
HpHp-ux Version10.10
HpHp-ux Version10.20
HpHp-ux Version10.24
HpHp-ux Version11.00
HpHp-ux Version11.11
IbmAix Version4.3.3
IbmAix Version5.1
SunSolaris Version2.6
SunSunos Version5.5.1
SunSunos Version5.7
SunSunos Version5.8
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 19.03% 0.951
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
http://www.cert.org/advisories/CA-2002-20.html
Patch
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/975403
Patch
Third Party Advisory
US Government Resource