Vulnerability in Caldera Openunix
CVE-2002-0678
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
EPSS: 0.094 (94.8th percentile) — read the EPSS interpretation.
Affected products
- Caldera Openunix — versions 8.0
- Caldera Unixware — versions 7.0, 7.1.0, 7.1.1
- Compaq Tru64 — versions 4.0f, 4.0g, 5.0a
- Hp Hp-ux — versions 10.10, 10.20, 10.24
- Ibm Aix — versions 4.3.3, 5.1
- Sgi Irix — versions 5.2, 5.3, 6.0
- Sun Solaris — versions 2.6, 9.0
- Sun Sunos — versions 5.5.1, 5.7, 5.8
- Xi_graphics Dextop — versions 2.1
- N/a — versions n/a
References
- cve@mitre.org (US Government Resource, Patch, Third Party Advisory, x_refsource_CERT, third-party-advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_HP, vendor-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_AIXAPAR)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Patch, Third Party Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)