Summary
This host is running the CDE ToolTalk Database Server and is prone to the multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to remotely deleting arbitrary files and creating arbitrary directory entries. Further, attackers might be able to crash the ToolTalk RPC database server, denying service to legitimate users.
Impact Level: System/Application
Solution
Apply the patch from below link,
http://www.kb.cert.org/vuls/id/975403
Insight
Multiple flaws are due to,
- An error in the handling symbolic link. The server does not check to ensure that it is not a symbolic link. If an attacker creates a symbolic link on the filesystem with the path/filename of the logfile, transaction data will be written to the destination file as root.
- There are no checks to restrict the range of the index value. Consequently, malicious file descriptor values supplied by remote clients may cause writes to occur far beyond the table in memory. The only value written is a NULL word, limiting the consequences.
Affected
CDE ToolTalk RPC database server
References
Severity
Classification
-
CVE CVE-2002-0677, CVE-2002-0678 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities