Threat Encyclopedia

ToolTalk.ttdbserverd.Format.String

Description

It indicates detection of a request sent to a Common Desktop Environment (CDE) ToolTalk Remote Procedure Call (RPC) database server.
The ToolTalk architecture allows custom programs to communicate with each other over a network. ToolTalk-enabled programs communicate using RPC and are managed by the ToolTalk database server (rpc.ttdbserverd). There are many vulnerabilities in rpc.ttdbserverd that may allow attackers to gain access to a target system or execute arbitrary code on it via specially-crafted RPC messages.

Affected Products

Any unprotected Unix based system with tooltalk database server enabled is vulnerable.

Impact

Attackers can gain access to the victim system and execute arbitrary commands including remotely deleting arbitrary files and remotely creating arbitrary directories. Furthermore, an attacker can crash the ToolTalk RPC database server, cause a denial-of-service.

Recommended Actions

Apply a patch from the vendor.

CVE References

CVE-2001-0717

Other References

1 1