Hi,
Would this impact SuSE 7.2 and is there a fix for SuSE ?
Regards
Matt
From: CERT Advisory
Subject: CERT Advisory CA-2001-27
Received: Fri 10/5/01 10:05 PM
Cc:
Sent: Fri 10/5/01 7:52 PM
Bcc:
Overview
There is a remotely exploitable format string vulnerability in the CDE ToolTalk RPC database service. This vulnerability could be used to crash the service or execute arbitrary code, potentially allowing an intruder to gain root access. This vulnerability is documented in VU#595507.
This document is available from: http://www.cert.org/advisories/CA-2001-27.html
Matt wrote:
Hi,
Would this impact SuSE 7.2 and is there a fix for SuSE ?
Regards
Matt
From: CERT Advisory
Subject: CERT Advisory CA-2001-27
Received: Fri 10/5/01 10:05 PM
Cc:
Sent: Fri 10/5/01 7:52 PM
Bcc:
Overview
There is a remotely exploitable format string vulnerability in the CDE ToolTalk RPC database service. This vulnerability could be used to crash the service or execute arbitrary code, potentially allowing an intruder to gain root access. This vulnerability is documented in VU#595507.
This document is available from: http://www.cert.org/advisories/CA-2001-27.html
CDE is the X desktop for Sun (and other) OS's, ToolTalk AFAIK is Sun specific... so I doubt it... but I could be wrong!
- Stuart Harris - <stuart at xinitsystems.com> - Xinit Systems, Building linux the way it should be! www.xinitsystems.com
Hi,
On Monday 08 October 2001 15:42, Matt wrote:
Would this impact SuSE 7.2 and is there a fix for SuSE ?
Only if you run commercial CDE on Linux. Which is not SuSE's business ...
Regards
Matt
From: CERT Advisory
Subject: CERT Advisory CA-2001-27
Received: Fri 10/5/01 10:05 PM
Cc:
Sent: Fri 10/5/01 7:52 PM
Bcc:
[ ... CDE tooltalk stuff ...]
This document is available from: http://www.cert.org/advisories/CA-2001-27.html
Regards,
Martin
--
Martin Leweling
Institut fuer Planetologie, WWU Muenster
Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany
On Mon, 8 Oct 2001, Matt wrote:
From: Matt
To: suse-security@suse.de
Date: Mon, 08 Oct 2001 14:42:22 +0100
Subject: [suse-security] Impact on Linux and SuSE ?
Hi,
Would this impact SuSE 7.2 and is there a fix for SuSE ?
SuSE does not contain the daemon (rpc.ttdbserverd or similar) in question and is therefore not vulnerable. I don't know of any Linux distribution that ships this kind of software. People see an increased amount of portscans to port 111 now, which are signs of the vulnerability being actively exploited. The exploit must contact the rpc-portmapper at port 111 to ask for the port of the ttdb server.
This document is available from: http://www.cert.org/advisories/CA-2001-27.html
I'll have to investigate this a bit further to make sure we don't have
something that is called differently but might be the same or even use the
same codebase. If you don't hear anything very soon, then forget it again!
Thanks,
Roman.
--
- -
| Roman Drahtmüller
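The portmapper lookup described in Roman's reply can be turned around for an audit: ask a host's portmapper whether the ToolTalk database service is registered at all. The script below is an added example, not part of the original thread; it assumes RPC program number 100083 for rpc.ttdbserverd (the thread does not give the number) and uses constructed `rpcinfo -p` output as sample input.

```shell
#!/bin/sh
# Added example: audit portmapper registrations for the ToolTalk database
# service. Assumption: 100083 is the ONC RPC program number registered by
# rpc.ttdbserverd; the thread itself does not state it.
TTDB_PROG=100083

# Reads `rpcinfo -p` style output on stdin and prints "proto/port" for every
# ToolTalk registration. The program number is checked first, because the
# service-name column comes from the local /etc/rpc and may be empty or
# differ when the daemon ships under another name.
find_ttdb() {
    awk -v prog="$TTDB_PROG" '
        $1 == "program" { next }                 # skip the header line
        $1 == prog || $5 ~ /ttdbserver/ {
            print $3 "/" $4
            found = 1
        }
        END { exit (found ? 0 : 1) }             # non-zero: nothing registered
    '
}

# Constructed sample output (not captured from a real host): the service is
# registered, but the name column is empty.
sample_vulnerable() {
    cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100083    1   tcp  32775
    100024    1   udp  32772  status
EOF
}

# Constructed sample output for a host without the service.
sample_clean() {
    cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32772  status
EOF
}

# Live use on a host you administer:  rpcinfo -p "$host" | find_ttdb
if [ "${1:-}" = "--demo" ]; then
    sample_vulnerable | find_ttdb && echo "ToolTalk RPC service registered"
    sample_clean | find_ttdb || echo "no ToolTalk RPC service registered"
fi
```
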
participants (4)
- Martin Leweling
- Matt
- Roman Drahtmueller
- Stuart Harris