Intrusion PreventionToolTalk.ttdbserverd.Access
Description
This indicates detection of a request sent to the Common Desktop Environment (CDE) ToolTalk Remote Procedure Call (RPC) database server.
The ToolTalk architecture allows custom programs to communicate with each other over a network. ToolTalk-enabled programs communicate using RCP and are managed by the ToolTalk database server (rpc.ttdbserverd). There are many vulnerabilities in rpc.ttdbserverd that allow attackers to gain access to a target system or execute arbitrary code on it via specially-crafted RPC messages.
Affected Products
Any unprotected Unix based system with tooltalk database server enabled is vulnerable.
Impact
Attackers can gain access to the victim system and execute arbitrary commands.
Recommended Actions
Apply the appropriate patch. Please see the References for more information.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 12139 |
| Created | Sep 11, 2006 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2009-2727 CVE-2002-0679 CVE-1999-0687 CVE-1999-0693 CVE-1999-0003 CVE-2002-0677 CVE-1999-1075 CVE-2001-0717 |
| Exploit Prediction Score | 94.34% |
| Default Action | pass |
| Active | |
| Affected OS | Solaris, Other |
| Affected App | SUN, Other |