CVE-1999-0687

5 documents4 sources
Severity
7.5HIGH
EPSS
7.3%
top 8.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
CDE CDEDigital UnixIBM AIX+2 more
Timeline
PublishedSep 13
Latest updateApr 30

Description

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages5 packages

NVDcde/cde7 versions+6
NVDibm/aix11 versions+10
NVDsun/sunos7 versions+6
NVDsun/solaris5 versions+4
NVDdigital/unix4.0d, 4.0f+1

🔴Vulnerability Details

2
GHSA
GHSA-r6jq-jwxp-368g: The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands2022-04-30
CVEList
CVE-1999-0687: The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands2000-01-04

🔍Detection Rules

2
Suricata
GPL RPC portmap ttdbserv request TCP2010-09-23
Suricata
GPL RPC portmap ttdbserv request UDP2010-09-23