All the latest UK technology news, reviews and analysis

Hackers tool up for Unix attack

by James Middleton

13 Aug 2002

Be the first to comment

  • Tweet this

Security watchers have warned of a major vulnerability affecting multiple flavours of the Unix operating system.

Yesterday security firm Entercept, in conjunction with Cert, released details of a remotely exploitable vulnerability in the Common Desktop Environment (CDE)ToolTalk database server - part of the standard graphical interface on all commercial Unix platforms.

Further reading

According to the warning an attacker could use a specially crafted argument in a Remote Procedure Call (RPC) to exploit a vulnerability in the ToolTalk server. The exploit could be used to remotely execute arbitrary code on the target machine, or cause a denial of service.

The severity of the threat is compounded by the fact that the ToolTalk database server typically runs with root privileges, meaning that malicious code would be executed at the highest level.

Entercept advises enterprises to deploy vendor patches as soon as possible. A number of major Unix distributors, such as Caldera, IBM and Sun, are planning to release patches in the very near future. Others are still looking at the possible impact of the vulnerability.

More information can be obtained from Entercept and Cert.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

IBM logo

IBM integrates threat data with security analytics dashboard

Related white papers

Related articles

Related jobs

Today's top stories

Microsoft Windows 8 start screen

Microsoft turns SkyDrive into cloud computing storage tool for Windows 8

PlayBook BlackBerry 2.0 update from Research in Motion

Research in Motion confirms BlackBerry PlayBook 2.0 software update available

Fujitsu Primergy TX120 S3 review - tower

Fujitsu Primergy TX120 S3 review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

97%

1%

1%

0%

1%

Features

V3 reporter Dan Worth

World-changing CERN experiments highlight humanity’s intrinsic curiosity

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

FX Technical Implementation Consultant FX FOREX Trading London

FX Technical Implementation Consultant (Business Analyst...

IT Support Analyst - Leyland, Lancashire

IT Support Analyst required by Leyland, Lancashire Software...

Web Developer ( PHP5, OO, MySQL ) - Shrewsbury

A talented PHP / Web Developer is required for a web...

Software Developer ( .NET, C#, VB6, SQL ) Cheshire

Software Developer ( .NET, C#, VB6, SQL) needed. This...

To send to more than one email address, simply separate each address with a comma.