Intrusion Prevention

AIX.Ttdbserver.libtt.A.Realpath.stack.Overflow

Description

This indicates an attack attempt against a buffer overflow vulnerability in the Common Desktop Environment (CDE) ToolTalk Remote Procedure Call (RPC) database server.
The vulnerability is caused by improper bounds checking in the _tt_internal_realpath function. By sending a specially crafted RPC request to the remote procedure 15, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.

Affected Products

IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3

Impact

System Compromise:Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for suggested workaround.
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4699&myns=paix52&mync=E

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://risesecurity.org/advisories/RISE-2009001.txt

ID	25888
Created	May 09, 2011
Updated	Feb 24, 2022
Risk
CVE ID	CVE-2009-2727
Exploit Prediction Score	94.83%
Default Action	drop
Active
Affected OS	Solaris, Other
Affected App	Oracle, SUN

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

AIX.Ttdbserver.libtt.A.Realpath.stack.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

AIX.Ttdbserver.libtt.A.Realpath.stack.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

References

Threat Intelligence
Center