Threat Encyclopedia

ToolTalk.ttdbserverd.Access

Description

This indicates detection of a request sent to the Common Desktop Environment (CDE) ToolTalk Remote Procedure Call (RPC) database server.
The ToolTalk architecture allows custom programs to communicate with each other over a network. ToolTalk-enabled programs communicate using RCP and are managed by the ToolTalk database server (rpc.ttdbserverd). There are many vulnerabilities in rpc.ttdbserverd that allow attackers to gain access to a target system or execute arbitrary code on it via specially-crafted RPC messages.

Affected Products

Any unprotected Unix based system with tooltalk database server enabled is vulnerable.

Impact

Attackers can gain access to the victim system and execute arbitrary commands.

Recommended Actions

Apply the appropriate patch. Please see the References for more information.

Other References

1 1