oval:org.mitre.oval:def:91

Definition Id: oval:org.mitre.oval:def:91

Oval ID:	oval:org.mitre.oval:def:91
Title:	Solaris 7 CDE ToolTalk Database Null Write Vulnerability
Description:	CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2002-0677	Version:	3
Platform(s):	Sun Solaris 7	Product(s):	Common Desktop Environment
Definition Synopsis:
Software section Solaris 7 Installed AND File rpc.ttdbserverd exists AND NOT Patch 107893-19 or later installed AND Configuration section inetd.conf contains rpc.ttdbserverd AND inetd running AND File rpc.ttdbserverd executable File rpc.ttdbserverd executable AND File rpc.ttdbserverd executable AND File rpc.ttdbserverd executable