Sun Microsystems Inc. Information for VU#387387
Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) vulnerable to buffer overflow via _TT_CREATE_FILE()
- Vendor Information Help Date Notified: 04 Jul 2002
- Statement Date:
- Date Updated: 09 Aug 2002
Status
Affected
Vendor Statement
The Solaris RPC-based ToolTalk database server, rpc.ttdbserverd, is vulnerable to the buffer overflow described in this advisory in all currently supported versions of Solaris:
Solaris 2.5.1, 2.6, 7, 8, and 9
The Sun Alert will be updated as more information or patches become available. The patches will be available from:
Sun will be publishing a Sun Security Bulletin for this issue once all of the patches are available which will be located at:
- http://sunsolve.sun.com/security
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.