Notified: July 04, 2002 Updated: August 20, 2002
Affected
Caldera Open UNIX and Caldera UnixWare provide the CDE ttdbserverd daemon, and is vulnerable to this issue. Please see Caldera Security Advisory CSSA-2002-SCO.28.1 for more information. SCO OpenServer and Caldera OpenLinux do not provide CDE, and are therefore not vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: July 04, 2002 Updated: August 09, 2002
Unknown
Cray, Inc. does include ToolTalk within the CrayTools product. However, rpc.ttdbserverd is not turned on or used by any Cray provided application. Since a site may have turned this on for their own use, they can always remove the binary /opt/ctl/bin/rpc.ttdbserverd if they are concerned.
The vendor has not provided us with any further information regarding this vulnerability.
Given the history of CDE source code, it is likely that the CrayTools ToolTalk RPC database server is vulnerable.
Notified: July 04, 2002 Updated: July 05, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: July 04, 2002 Updated: September 09, 2002
Affected
SOURCE: Hewlett-Packard Company Software Security Response Team (SSRT)
Date: 15 August, 2002
CROSS REFERENCE ID: SSRT2274
HP Tru64 UNIX
At the time of writing this document, Hewlett Packard is currently investigating the potential impact to HP-UX and HP Tru64 UNIX released operating system software.
HP will provide notice of the availability of any necessary patches through standard security bulletin announcements and be available from your normal HP Services support channel.
HP-UX
A preliminary fix for HP-UX is avaiable:
Originally issued: 12 July 2002
Last revision: 14 Aug 2002
ftp://ttdb1:ttdb1@hprc.external.hp.com/
file: rpc.ttdbserver.2.tar.gz
Details can be found in HPSBUX0207-199 at http://itrc.hp.com
NOT IMPACTED:
HP-MPE/ix
HP OpenVMS
HP NonStop Servers
HP Recommended Workaround:
A recommended workaround is to disable rpc.ttdbserverd until solutions are available. This should only create a potential problem for public software packages applications that use the RPC-based ToolTalk database server. This step should be evaluated against the risks identified, your security measures environment, and potential impact of other products that may use the ToolTalk database server.
To disable rpc.ttdbserverd:
HP Tru64 Unix:
Comment out the following line in /etc/inetd.conf:rpc.ttdbserverd stream tcp swait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
Force inetd to re-read the configuration file by executing the inetd -h command.
Note: The internet daemon should kill the currently running rpc.ttdbserver. If not, manually kill any existing rpc.ttdbserverd process.
HP-UX:
Comment out the following line in /etc/inetd.conf:rpc stream tcp swait root /usr/dt/bin/rpc.ttdbserver 100083 1 /usr/dt/bin/rpc.ttdbserver [10.20]
orrpc xti tcp swait root /usr/dt/bin/rpc.ttdbserver 100083 1 /usr/dt/bin/rpc.ttdbserver [11.0/11.11]Force inetd to re-read the configuration file by executing the inetd -c command.
Note: The internet daemon should kill the currently running rpc.ttdbserver. If not, manually kill any existing rpc.ttdbserverd process.
To report potential security vulnerabilities in HP software, send an E-mail message to: security-alert@hp.com
The vendor has not provided us with any further information regarding this vulnerability.
Hewlett-Packard has released a security bulletin (SRB0039W/SSRT2274) that addresses VU#387387 and other vulnerabilities.
Notified: July 04, 2002 Updated: August 13, 2002
Affected
The CDE desktop product shipped with AIX is vulnerable to the issue detailed above in the advisory. This affects AIX releases 4.3.3 and 5.1.0. An efix package for this issue is currently available from the IBM software ftp site. The efix packages can be downloaded via anonymous ftp from ftp.software.ibm.com/aix/efixes/security. This directory contains a README file that gives further details on the efix packages. The following APARs will be available in the near future: AIX 4.3.3: IY32792 AIX 5.1.0: IY32793
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: July 04, 2002 Updated: August 09, 2002
Unknown
SGI acknowledges the ToolTalk vulnerabilities reported by CERT and is currently investigating. No further information is available at this time. For the protection of all our customers, SGI does not disclose, discuss or confirm vulnerabilities until a full investigation has occurred and any necessary patch(es) or release streams are available for all vulnerable and supported IRIX operating systems. Until SGI has more definitive information to provide, customers are encouraged to assume all security vulnerabilities as exploitable and take appropriate steps according to local site security policies and requirements. As further information becomes available, additional advisories will be issued via the normal SGI security information distribution methods including the wiretap mailing list on http://www.sgi.com/support/security/.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: July 04, 2002 Updated: August 09, 2002
Affected
The Solaris RPC-based ToolTalk database server, rpc.ttdbserverd, is vulnerable to the buffer overflow described in this advisory in all currently supported versions of Solaris: Solaris 2.5.1, 2.6, 7, 8, and 9 Patches are being generated for all of the above releases. Sun will be publishing Sun Alert 46366 for this issue which will be located here: http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert%2F46366 The Sun Alert will be updated as more information or patches become available. The patches will be available from: http://sunsolve.sun.com/securitypatch Sun will be publishing a Sun Security Bulletin for this issue once all of the patches are available which will be located at: http://sunsolve.sun.com/security
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: July 04, 2002 Updated: July 05, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: July 04, 2002 Updated: August 09, 2002
Affected
Xi Graphics deXtop CDE v2.1 is vulnerable to this attack. The update and accompanying text file will be: ftp://ftp.xig.com/pub/updates/dextop/2.1/DEX2100.016.tar.gz ftp://ftp.xig.com/pub/updates/dextop/2.1/DEX2100.016.txt Most sites do not need to use the ToolTalk server daemon. Xi Graphics Security recommends that non-essential services are never enabled. To disable the ToolTalk server on your system, edit /etc/inetd.conf and comment out, or remove, the 'rpc.ttdbserver' line. Then, either restart inetd, or reboot your machine.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.