VDB
CVE-2002-0678
CVE-2002-0678
PUBLISHED
CVSS 7.199999809265137 HIGH
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
EPSS 0.43% · 62.9th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
0.43%
62.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| caldera | unixware | 7.1.1, 7.0, 7.1.0 |
| n/a | n/a | n/a |
| hp | hp-ux | 11.11, 10.20, 10.10 |
| ibm | aix | 5.1, 4.3.3 |
| caldera | openunix | 8.0 |
| sgi | irix | 6.5.5, 6.5.6, 6.5.7 |
| compaq | tru64 | 4.0f, 5.1, 5.1a |
| sun | solaris | 2.6, 9.0 |
| sun | sunos | 5.8, 5.5.1, 5.7 |
| xi_graphics | dextop | 2.1 |
Timeline
- Jul 23, 2002 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- CSSA-2002-SCO.28 vendor-advisory
- CA-2002-20 third-party-advisory
- 20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server mailing-list
- HPSBUX0207-199 vendor-advisory
- IY32368 vendor-advisory
- VU#299816 third-party-advisory
- 20021101-01-P vendor-advisory
- oval:org.mitre.oval:def:175 vdb
- oval:org.mitre.oval:def:80 vdb
- 5083 vdb
- tooltalk-ttdbserverd-tttransaction-symlink(9527) vdb
- oval:org.mitre.oval:def:2770 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2002-0678 advisory