4 matches found
CVE-2002-0677
The CVE-2002-0677 entry affects the CDE ToolTalk RPC database server (rpc.ttdbserverd). The OpenVAS/Core/CORE documentation confirms the vulnerability: an attacker can exploit improper range checking on the AUTH_UNIX file descriptor argument passed to _TT_ISCLOSE, using it as an index into a 128-...
CVE-2004-0368
CVE-2004-0368 is a double-free vulnerability in the CDE dtlogin daemon that can allow remote code execution with root privileges via crafted XDMCP packets. Affected platforms include Solaris and HP-UX (and related CDE environments), with multiple patches issued (Solaris patches 108920-30 / 108919...
CVE-2002-0678
CVE-2002-0678 relates to the CDE ToolTalk RPC database server (rpc.ttdbserverd). The OpenVAS/CERT CORE disclosures describe two vulnerabilities: (1) _TT_ISCLOSE range-check flaw permitting memory overwriting of the process when a local or remote client calls _TT_ISCLOSE; (2) _TT_TRANSACTION/log_f...
CVE-2002-0679
CVE-2002-0679 concerns the CDE ToolTalk RPC database server, rpc.ttdbserverd, which contains a heap buffer overflow vulnerability triggered by an argument to the _TT_CREATE_FILE() procedure. A remote attacker could exploit this to execute arbitrary code or cause a denial of service, typically run...