| VID |
17016 |
| Severity |
40 |
| Port |
111 |
| Protocol |
TCP,UDP |
| Class |
RPC |
| Detailed Description |
The tooltalk RPC service is running. A possible implementation fault in the ToolTalk object database server may allow a cracker to execute arbitrary commands as root. |
| Recommendation |
Disable the 'tooltalk' RPC service if it is not needed, or, before using it, ask the vendor whether your version is vulnerable. To disable the 'tooltalk' service, first become root, then stop the service as follows:
# rpcinfo -d [program num] [version num]
Then comment out its entry by putting a # at the beginning of the line containing 'ttdbserverd' or 'tooltalk', and restart the 'inetd' daemon.
Solaris 10, Solaris 11, Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
1. Become root, then stop the service as follows:
# rpcinfo -d [program num] [version num]
2. Comment out its entry by putting a # at the beginning of the line containing 'ttdbserverd' or 'tooltalk' in /etc/rpc.
3. # pkill -HUP (x)inetd |
| Related URL |
CVE-1999-0003 (CVE) |
| Related URL |
122 (SecurityFocus) |
| Related URL |
1408 (ISS) |
|