101 matches found
CVE-2001-0717
Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function...
Common Desktop Environment (CDE) ToolTalk RPC Server rpc.ttdbserverd contains format string vulnerability
Overview A vulnerability exists in CDE ToolTalk that may allow a remote attacker to execute arbitrary code with root privileges. Description Internet Security Systems ISS X-Force has discovered a format string vulnerability in the Common Desktop Environment CDE ToolTalk Remote Procedure Call RPC...
Ошибка форматной строки в ToolTalk rpc.ttdbserverd (format string)
Позволяет получить привилегии root...
ISSalert: ISS Security Advisory: Multi-Vendor Format String Vulnerability in ToolTalk Service
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...
CVE-1999-1075
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver ToolTalk server, but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not...
CVE-1999-1075
inetd in AIX 4.1.5 assigns a dynamic port N for ttdbserver but also listens on port N-1 and does not pass control to ttdbserver. This enables a denial of service via a flood of connections to N-1 that are not properly closed by inetd. No exploits or remediation are provided in the supplied docume...
CVE-1999-0693
Buffer overflow in TTSESSION environment variable in ToolTalk shared library allows local users to gain root privileges...
CVE-1999-0687
Technical details (affected product/version, impact, remediation) are not publicly available in the provided documents. Monitor for updates from authoritative sources.
CVE-1999-0693
Buffer overflow in TTSESSION environment variable in ToolTalk shared library allows local users to gain root privileges...
CVE-1999-0687
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands...
CVE-1999-0693
CVE-1999-0693 describes a buffer overflow in the TT_SESSION environment variable within the ToolTalk shared library that can allow a local attacker to gain root privileges via the ToolTalk RPC service. The vulnerability is associated with the ToolTalk RPC service, sometimes referred to as the Too...
CVE-1999-0003
CVE-1999-0003: A buffer overflow in the ToolTalk database server (rpc.ttdbserverd) may allow an attacker to execute arbitrary commands as root. Affected component is ToolTalk’s object database server; exploitation would require access to the vulnerable service. In the provided references, the imp...
CVE-1999-0003
Execute commands as root via buffer overflow in Tooltalk database server rpc.ttdbserverd...
ttsession_vuln.txt
Subject: Vulnerability in ttsession To: [email protected] Hello, I discovered the following security problem in ttsession, part of CDE: Description ----------- The ToolTalk session daemon ttsession does not properly check client credentials. Impact ------ The insufficient check can lead t...
CVE-1999-0687
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands...
Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow 1 // source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts...
Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow 2 // source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts...
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
// source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts supporting the ToolTalk service. The affected program runs on many popular UNIX operating systems supportin...
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
// source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts supporting the ToolTalk service. The affected program runs on many popular UNIX operating systems supportin...
CVE-1999-1075
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver ToolTalk server, but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not...