Tutorial - Tooltalk Version
Tooltalk Version
Summary
rpc.ttdbserverd, a desktop manager support program, can be exploited
through a buffer overflow attack. Some patched versions may also be
exploitable.
Impact
A remote intruder can execute commands as root if the buffer overflow
attack is successful.
The problem
The rpc.ttdbserverd program (especially on Solaris 2.5.x and 2.6, and
IRIX 6.x) is exploitable for remote root access. Affected versions are
vulnerable to a buffer overflow attack in which a well-crafted pattern
can execute arbitrary commands as the root user.
Fix
- Where possible, disable rpc.ttdbserverd in the inetd.conf file.
- Otherwise, patch the system to a version that is not vulnerable to
the buffer overflow attack. However, there are reports that even patched
versions may be vulnerable.
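
One way to carry out the first fix, shown as an added example that is not part of the original tutorial. It lists active rpc.ttdbserverd entries in an inetd.conf-style file and writes a copy with them commented out. The sample file is constructed, the function names are hypothetical, and matching on ToolTalk's RPC program number 100083 as well as the daemon name is a choice made here.

```shell
#!/bin/sh
# Added example: audit and disable rpc.ttdbserverd in an inetd.conf-style file.

# Print every active (uncommented) entry for the ToolTalk database server,
# matched by daemon name or by its RPC program number (100083).
ttdb_active() {
    awk '!/^[ \t]*#/ && (/rpc\.ttdbserverd/ || $1 ~ /^100083(\/|$)/)' "$1"
}

# Write a copy of file $1 to $2 with those entries commented out.
# The original file is left untouched so the change can be reviewed first.
ttdb_disable() {
    awk '!/^[ \t]*#/ && (/rpc\.ttdbserverd/ || $1 ~ /^100083(\/|$)/) {
             print "#" $0; next
         }
         { print }' "$1" > "$2"
}

# Constructed sample input (not taken from a real host).
make_sample() {
    cat > "$1" <<'EOF'
# constructed inetd.conf sample
ftp        stream tcp     nowait root /usr/sbin/in.ftpd           in.ftpd
100083/1   tli    rpc/tcp wait   root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
#100083/1  tli    rpc/tcp wait   root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
100068/2-5 dgram  rpc/udp wait   root /usr/dt/bin/rpc.cmsd        rpc.cmsd
EOF
}

# Demo on the constructed sample: report, disable, re-check.
demo_dir=$(mktemp -d)
make_sample "$demo_dir/inetd.conf"
echo "Active rpc.ttdbserverd entries before:"
ttdb_active "$demo_dir/inetd.conf"
ttdb_disable "$demo_dir/inetd.conf" "$demo_dir/inetd.conf.new"
remaining=$(ttdb_active "$demo_dir/inetd.conf.new" | wc -l | tr -d ' ')
echo "Active rpc.ttdbserverd entries after: $remaining"
rm -rf "$demo_dir"
```

On a real system, inetd only picks up the edited file after it re-reads its configuration (SIGHUP), and an rpc.ttdbserverd process that is already running has to be stopped separately.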
Other tips
CVE Reference(s):