Solaris 8 2/02 Release Notes Supplement for Sun Hardware

Vulnerability in the ToolTalk Database Server Allows Root Access (BugID 4499995)

When the ToolTalk Database Server (/usr/openwin/bin/rpc.ttdbserverd) is enabled, remote and local attacks are possible. These attacks can potentially give root access to the system. Attacked systems can be identified by the presence of garbage files in the root directory that begin with an A.

Workaround: Remove the rpc.ttdbserverd line from the inetd.conf file. Disable the service by using the chmod a-x command on /usr/openwin/bin/rpc.ttdbserverd. Check with your Sun representative about future patches.
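
The following script is an added example, not part of the Sun release notes. It checks both workaround steps and looks for the files the note describes as a sign of attack. The function names are hypothetical, and the inetd.conf entry used in the demo is constructed sample data.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample data is constructed.

# True if inetd.conf ($1) still has an uncommented rpc.ttdbserverd entry.
ttdb_in_inetd() {
    grep -v '^#' "$1" 2>/dev/null | grep 'rpc\.ttdbserverd' >/dev/null
}

# True if the binary ($1) exists with any execute bit set. Reads the
# mode string from ls because test -x is unreliable when run as root.
ttdb_executable() {
    [ -f "$1" ] || return 1
    case $(ls -lL "$1" | cut -c1-10) in
        *[xst]*) return 0 ;;
    esac
    return 1
}

# Prints regular files directly under directory $1 whose names begin with "A".
list_a_files() {
    for f in "$1"/A*; do
        [ -f "$f" ] && echo "$f"
    done
    return 0
}

# Returns 0 only if the workaround is in place and no indicator files exist.
audit_ttdb() {
    conf=$1; bin=$2; root=$3; rc=0
    if ttdb_in_inetd "$conf"; then
        echo "FAIL: active rpc.ttdbserverd entry in $conf"; rc=1
    fi
    if ttdb_executable "$bin"; then
        echo "FAIL: $bin still has an execute bit"; rc=1
    fi
    hits=$(list_a_files "$root")
    if [ -n "$hits" ]; then
        echo "CHECK: files beginning with A in $root:"; echo "$hits"; rc=1
    fi
    return $rc
}

# Demo on constructed files in a scratch directory (not a real system).
demo=$(mktemp -d)
printf '%s\n' '# constructed sample entry' \
  '100083/1 tli rpc/tcp wait root /usr/openwin/bin/rpc.ttdbserverd rpc.ttdbserverd' > "$demo/inetd.conf"
: > "$demo/rpc.ttdbserverd"; chmod 755 "$demo/rpc.ttdbserverd"
audit_ttdb "$demo/inetd.conf" "$demo/rpc.ttdbserverd" "$demo" || echo "audit: not clean"
rm -rf "$demo"
```

On a real host, call audit_ttdb with the system's inetd.conf path, /usr/openwin/bin/rpc.ttdbserverd, and / as the three arguments.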