Multiple Vendor ToolTalk Heap Overflow Remote Code Execution Vulnerability

The ToolTalk implementation from multiple vendors is prone to a remote code-execution vulnerability.

The vulnerability can be exploited over the 'RPC' protocol.

An attacker can exploit this issue to execute arbitrary code with superuser privileges. Failed exploit attempts will likely result in a denial-of-service condition.

This vulnerability affects the following operating systems:

Oracle Solaris 8, 9, and 10
Oracle OpenSolaris
IBM AIX 5.3, 6.1, and prior
IBM VIOS 1.5, 2.1, and prior


Privacy Statement
Copyright 2010, SecurityFocus