CDE ToolTalk database server (ttdbserver) allows remote malicious users to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
caldera unixware 7 |
||
caldera unixware 7.1.1 |
||
caldera unixware 7.1_.0 |
||
sgi irix 6.2 |
||
sgi irix 6.3 |
||
sgi irix 6.5.13 |
||
sgi irix 6.5.14 |
||
sgi irix 6.5.7 |
||
sgi irix 6.5.8 |
||
sgi irix 5.3 |
||
sgi irix 6.0 |
||
sgi irix 6.5.1 |
||
sgi irix 6.5.10 |
||
sgi irix 6.5.2 |
||
sgi irix 6.5.3 |
||
sgi irix 6.0.1 |
||
sgi irix 6.1 |
||
sgi irix 6.5.11 |
||
sgi irix 6.5.12 |
||
sgi irix 6.5.4 |
||
sgi irix 6.5.5 |
||
sgi irix 6.5.6 |
||
xi graphics dextop 2.1 |
||
sgi irix 5.2 |
||
sgi irix 6.4 |
||
sgi irix 6.5 |
||
sgi irix 6.5.15 |
||
sgi irix 6.5.16 |
||
sgi irix 6.5.9 |
||
compaq tru64 5.1 |
||
compaq tru64 5.1a |
||
ibm aix 5.1 |
||
sun sunos 5.5.1 |
||
caldera openunix 8.0 |
||
compaq tru64 4.0f |
||
hp hp-ux 10.24 |
||
hp hp-ux 11.00 |
||
sun sunos 5.8 |
||
compaq tru64 4.0g |
||
compaq tru64 5.0a |
||
hp hp-ux 11.11 |
||
ibm aix 4.3.3 |
||
hp hp-ux 10.10 |
||
hp hp-ux 10.20 |
||
sun solaris 2.6 |
||
sun sunos 5.7 |
Vulmon