CDE is a graphical interface used on Unix and some Linux systems. The ToolTalk component of the software allows applications to communicate with each other across different platforms and hosts via remote procedure calls (RPC). The RPC database server manages those communications.
The vulnerability comes as the result of a buffer overflow -- an attack in which the amount of memory assigned to an application or process is overrun, often with unpredictable results -- in the _TT_CREATE_FILE procedure in the ToolTalk RPC database server, according to CERT/CC, which is based at Carnegie Mellon University in Pittsburgh. CERT/CC is a federally funded computer and network security organization that frequently coordinates the release and repair of software security holes.
By sending a specially crafted RPC message to the vulnerable component, an attacker could gain the ability to run code on the target system with the same privileges as the ToolTalk server, CERT/CC said. Even if an attacker were not able to run code, the attack would cause a denial of service, CERT/CC added.
CDE is included in software from IBM, Hewlett-Packard, Sun, Silicon Graphics and others. Users should check with their vendors on whether their systems are vulnerable and for patch status and availability.
More information about the vulnerability, including a list of affected software, workarounds and patches, can be found in CERT/CC's advisory.
Another vulnerability which could lead to a denial-of-service attack was found in the ToolTalk RPC database server in July.
The IDG News Service is a Network World affiliate.
RELATED LINKS
