Intrusion Prevention

AIX.Ttdbserver.libtt.A.Realpath.stack.Overflow

Description

This indicates an attack attempt against a buffer overflow vulnerability in the Common Desktop Environment (CDE) ToolTalk Remote Procedure Call (RPC) database server.
The vulnerability is caused by improper bounds checking in the _tt_internal_realpath function. By sending a specially crafted RPC request to the remote procedure 15, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.

Affected Products

IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3

Impact

System Compromise:Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for suggested workaround.
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4699&myns=paix52&mync=E

CVE References

CVE-2009-2727