Test ID:	1.3.6.1.4.1.25623.1.0.10787
Category:	RPC
Title:	tooltalk format string
Summary:	NOSUMMARY
Description:	Description: The tooltalk RPC service is running. There is a format string bug in many versions of this service, which allow an attacker to gain root remotely. In addition to this, several versions of this service allow remote attackers to overwrite abitrary memory locations with a zero and possibly gain privileges via a file descriptor argument in an AUTH_UNIX procedure call which is used as a table index by the _TT_ISCLOSE procedure. *** This warning may be a false positive since the presence *** of the bug was not verified locally. Solution : Disable this service or patch it See also : CERT Advisories CA-2001-27 and CA-2002-20 Risk factor : High
Cross-Ref:	BugTraq ID: 3382 BugTraq ID: 5082 Common Vulnerability Exposure (CVE) ID: CVE-2002-0677 Bugtraq: 20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server (Google Search) http://marc.info/?l=bugtraq&m=102635906423617&w=2 Caldera Security Advisory: CSSA-2002-SCO.28 ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt http://www.cert.org/advisories/CA-2002-20.html CERT/CC vulnerability note: VU#975403 http://www.kb.cert.org/vuls/id/975403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91 SGI Security Advisory: 20021102-02-P ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P Common Vulnerability Exposure (CVE) ID: CVE-2001-0717 http://www.securityfocus.com/bid/3382 Caldera Security Advisory: CSSA-2001-SCO.28 ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.28/CSSA-2001-SCO.28.txt http://www.cert.org/advisories/CA-2001-27.html Computer Incident Advisory Center Bulletin: M-002 http://www.ciac.org/ciac/bulletins/m-002.shtml COMPAQ Service Security Patch: SSRT0767U http://ftp.support.compaq.com/patches/.new/html/SSRT0767U.shtml HPdes Security Advisory: HPSBUX0110-168 http://online.securityfocus.com/advisories/3584 ISS Security Advisory: 20011002 Multi-Vendor Format String Vulnerability in ToolTalk Service http://xforce.iss.net/alerts/advise98.php http://securitytracker.com/id?1002479 Sun Security Bulletin: 00212 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/212 XForce ISS Database: tooltalk-ttdbserverd-format-string(7069) https://exchange.xforce.ibmcloud.com/vulnerabilities/7069 Common Vulnerability Exposure (CVE) ID: CVE-2002-0679 AIX APAR: IY32792 http://www-1.ibm.com/support/search.wss?rs=0&q=IY32792&apar=only AIX APAR: IY32793 http://www-1.ibm.com/support/search.wss?rs=0&q=IY32793&apar=only BugTraq ID: 5444 http://www.securityfocus.com/bid/5444 Bugtraq: 20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database (Google Search) http://marc.info/?l=bugtraq&m=102917002523536&w=2 Caldera Security Advisory: CSSA-2002-SCO.28.1 http://www.cert.org/advisories/CA-2002-26.html CERT/CC vulnerability note: VU#387387 http://www.kb.cert.org/vuls/id/387387 COMPAQ Service Security Patch: SSRT2274 HPdes Security Advisory: HPSBUX0207-199 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192 http://www.iss.net/security_center/static/9822.php
Copyright	This script is Copyright (C) 2001 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.