Caldera Information for VU#387387

Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) vulnerable to buffer overflow via _TT_CREATE_FILE()

Status

Affected

Vendor Statement

Caldera Open UNIX and Caldera UnixWare provide the CDE ttdbserverd daemon, and is vulnerable to this issue. Please see Caldera Security Advisory CSSA-2002-SCO.28.1 for more information.

SCO OpenServer and Caldera OpenLinux do not provide CDE, and are therefore not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.