This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cde First view 1999-09-13
Product Cde Last view 1999-09-13
Version 1.0.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:cde:cde

Activity : Overall

Related : CVE

  Date Alert Description
7.2 1999-09-13 CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

7.2 1999-09-13 CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

7.5 1999-09-13 CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

Open Source Vulnerability Database (OSVDB)

id Description
1072 Multiple Vendor CDE dtspcd Symlink Arbitrary Privileged Command Execution
1071 Multiple Vendor CDE dtaction AddSuLog Function Local Overflow
657 CDE ToolTalk ttsession Weak Authentication Arbitrary Command Execution

Snort® IPS/IDS

Date Description
2014-01-10 portmap ttdbserv request UDP
RuleID : 588-community - Type : PROTOCOL-RPC - Revision : 27
2014-01-10 portmap ttdbserv request UDP
RuleID : 588 - Type : PROTOCOL-RPC - Revision : 27
2014-01-10 portmap tooltalk request UDP
RuleID : 1299 - Type : RPC - Revision : 16
2014-01-10 portmap tooltalk request TCP
RuleID : 1298 - Type : RPC - Revision : 16
2014-01-10 portmap ttdbserv request TCP
RuleID : 1274-community - Type : PROTOCOL-RPC - Revision : 26
2014-01-10 portmap ttdbserv request TCP
RuleID : 1274 - Type : PROTOCOL-RPC - Revision : 26