ToolTalk.ttdbserverd.Access
Description
This indicates detection of a request sent to the Common Desktop Environment (CDE) ToolTalk Remote Procedure Call (RPC) database server.
The ToolTalk architecture allows custom programs to communicate with each other over a network. ToolTalk-enabled programs communicate using RCP and are managed by the ToolTalk database server (rpc.ttdbserverd). There are many vulnerabilities in rpc.ttdbserverd that allow attackers to gain access to a target system or execute arbitrary code on it via specially-crafted RPC messages.
Affected Products
Any unprotected Unix based system with tooltalk database server enabled is vulnerable.
Impact
Attackers can gain access to the victim system and execute arbitrary commands.
Recommended Actions
Apply the appropriate patch. Please see the References for more information.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |