CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Irix | Sgi | 6.5.6 | 6.5.6 |
Irix | Sgi | 5.3 | 5.3 |
Irix | Sgi | 6.0.1 | 6.0.1 |
Irix | Sgi | 6.5.1 | 6.5.1 |
Irix | Sgi | 6.5.10 | 6.5.10 |
Irix | Sgi | 6.1 | 6.1 |
Dextop | Xi_graphics | 2.1 | 2.1 |
Irix | Sgi | 6.5.12 | 6.5.12 |
Unixware | Caldera | 7.1_.0 | 7.1_.0 |
Irix | Sgi | 6.5.9 | 6.5.9 |
Irix | Sgi | 6.4 | 6.4 |
Irix | Sgi | 6.5.15 | 6.5.15 |
Unixware | Caldera | 7 | 7 |
Irix | Sgi | 6.5.3 | 6.5.3 |
Irix | Sgi | 6.5.14 | 6.5.14 |
Irix | Sgi | 6.5.8 | 6.5.8 |
Irix | Sgi | 6.5.5 | 6.5.5 |
Irix | Sgi | 5.2 | 5.2 |
Irix | Sgi | 6.5.4 | 6.5.4 |
Irix | Sgi | 6.5.11 | 6.5.11 |
Irix | Sgi | 6.0 | 6.0 |
Irix | Sgi | 6.3 | 6.3 |
Irix | Sgi | 6.5.2 | 6.5.2 |
Irix | Sgi | 6.5 | 6.5 |
Irix | Sgi | 6.5.7 | 6.5.7 |
Unixware | Caldera | 7.1.1 | 7.1.1 |
Irix | Sgi | 6.2 | 6.2 |
Irix | Sgi | 6.5.13 | 6.5.13 |
Irix | Sgi | 6.5.16 | 6.5.16 |