Vulnerability Description
Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tooltalk | Tooltalk Database Server | All versions |
References
- ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.28/CSSA-2001-SCO.28.
- http://ftp.support.compaq.com/patches/.new/html/SSRT0767U.shtml
- http://online.securityfocus.com/advisories/3584
- http://securitytracker.com/id?1002479
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/212
- http://www.cert.org/advisories/CA-2001-27.htmlUS Government Resource
- http://www.ciac.org/ciac/bulletins/m-002.shtml
- http://www.securityfocus.com/bid/3382
- http://xforce.iss.net/alerts/advise98.phpPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7069
- ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.28/CSSA-2001-SCO.28.
- http://ftp.support.compaq.com/patches/.new/html/SSRT0767U.shtml
- http://online.securityfocus.com/advisories/3584
- http://securitytracker.com/id?1002479
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/212
FAQ
What is CVE-2001-0717?
CVE-2001-0717 is a vulnerability with a CVSS score of 10.0 (HIGH). Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.
How severe is CVE-2001-0717?
CVE-2001-0717 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0717?
Check the references section above for vendor advisories and patch information. Affected products include: Tooltalk Tooltalk Database Server.