Users warned over ToolTalk vulnerability.
Security watchers have warned of a major vulnerability affecting multiple flavours of the Unix operating system. Yesterday security firm Entercept, in conjunction with Cert, released details of a remotely exploitable vulnerability in the Common Desktop Environment (CDE)ToolTalk database server - part of the standard graphical interface on all commercial Unix platforms.
According to the warning an attacker could use a specially crafted argument in a Remote Procedure Call (RPC) to exploit a vulnerability in the ToolTalk server. The exploit could be used to remotely execute arbitrary code on the target machine, or cause a denial of service.
The severity of the threat is compounded by the fact that the ToolTalk database server typically runs with root privileges, meaning that malicious code would be executed at the highest level.
Entercept advises enterprises to deploy vendor patches as soon as possible. A number of major Unix distributors, such as Caldera, IBM and Sun, are planning to release patches in the very near future. Others are still looking at the possible impact of the vulnerability.
News source: vnunet.com