Intrusion Prevention



This indicates an attack attempt against a buffer overflow vulnerability in the Common Desktop Environment (CDE) ToolTalk Remote Procedure Call (RPC) database server.
The vulnerability is caused by improper bounds checking in the _tt_internal_realpath function. By sending a specially crafted RPC request to the remote procedure 15, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.

Affected Products

IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3


System Compromise:Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for suggested workaround.

CVE References