Security watchers have warned of a major vulnerability affecting multiple flavours of the Unix operating system.
Yesterday security firm Entercept, in conjunction with Cert, released details of a remotely exploitable vulnerability in the Common Desktop Environment (CDE)ToolTalk database server - part of the standard graphical interface on all commercial Unix platforms.
According to the warning an attacker could use a specially crafted argument in a Remote Procedure Call (RPC) to exploit a vulnerability in the ToolTalk server. The exploit could be used to remotely execute arbitrary code on the target machine, or cause a denial of service.
The severity of the threat is compounded by the fact that the ToolTalk database server typically runs with root privileges, meaning that malicious code would be executed at the highest level.
Entercept advises enterprises to deploy vendor patches as soon as possible. A number of major Unix distributors, such as Caldera, IBM and Sun, are planning to release patches in the very near future. Others are still looking at the possible impact of the vulnerability.
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones
Topological photonic chips promise a more robust option for scalable quantum computers
In quantum physics both the chicken and the egg can come first, claim University of Queensland researchers
Cause-and-effect is not always straightforward in quantum physics