Security watchers have warned of a major vulnerability affecting multiple flavours of the Unix operating system.
Yesterday security firm Entercept, in conjunction with Cert, released details of a remotely exploitable vulnerability in the Common Desktop Environment (CDE)ToolTalk database server - part of the standard graphical interface on all commercial Unix platforms.
According to the warning an attacker could use a specially crafted argument in a Remote Procedure Call (RPC) to exploit a vulnerability in the ToolTalk server. The exploit could be used to remotely execute arbitrary code on the target machine, or cause a denial of service.
The severity of the threat is compounded by the fact that the ToolTalk database server typically runs with root privileges, meaning that malicious code would be executed at the highest level.
Entercept advises enterprises to deploy vendor patches as soon as possible. A number of major Unix distributors, such as Caldera, IBM and Sun, are planning to release patches in the very near future. Others are still looking at the possible impact of the vulnerability.
Yeah, sorry about all that, simpers Zuckerberg
Vivaldi promotes DuckDuckGo search engine over Google over privacy concerns
Scientists say that strontium titanate could transform electronics
The wheels of justice grind surprisingly slowly