Update Protection against ToolTalk rpc.ttdbserverd Database Parser Heap Overflow Vulnerability
| Check Point Reference: | CPAI-2010-220 |
| Date Published: | |
| Severity: | |
| Source: | Check Point Vulnerability Discovery Team |
| Industry Reference(s): | CVE-2010-0083 |
| Protection Provided by: | Security Gateway |

Who is Vulnerable?
IBM AIX Version 6.1.3 and earlier
Sun Solaris 10 Sparc/x86 and earlier
HP HP-UX 11.00

Vulnerability Description
A heap overflow vulnerability has been discovered in the ToolTalk database server. ToolTalk is a communications system developed by Sun Microsystems in order to allow applications to communicate with each other at runtime. A remote attacker may exploit this issue to execute arbitrary commands on an affected system.

Vulnerability Details
The vulnerability is located within a function of the ToolTalk database server (rpc.ttdbserverd). This vulnerability can be exploited to cause a heap overflow via a specially crafted database (.rec) file. Successful exploitation of this issue could allow the attacker to execute arbitrary code on an affected system.

Protection Overview
This protection will detect and block malformed database (.rec) files.
In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest IPS/SmartDefense update. For information on how to update IPS/SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.