NVD

Id
49963  
Name
CVE-2009-2727  
Description
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-08-10  
Modified Date
2009-08-11  
Seq
2009-2727  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
252847 49963 CVE-2009-2727 http://aix.software.ibm.com/aix/efixes/security/libtt_advisory.asc  View
252848 49963 CVE-2009-2727 http://risesecurity.org/advisories/RISE-2009001.txt  View
252849 49963 CVE-2009-2727 IZ52842  View
252850 49963 CVE-2009-2727 IZ52843  View
252851 49963 CVE-2009-2727 IZ52844  View
252852 49963 CVE-2009-2727 IZ52845  View
252853 49963 CVE-2009-2727 IZ52846  View
252854 49963 CVE-2009-2727 IZ52847  View
252855 49963 CVE-2009-2727 IZ52848  View
252856 49963 CVE-2009-2727 IZ52849  View
252857 49963 CVE-2009-2727 IZ52850  View
252858 49963 CVE-2009-2727 IZ52851  View
252859 49963 CVE-2009-2727 35419  View
252860 49963 CVE-2009-2727 ADV-2009-1620  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
40889 JVNDB-2009-001895 IBM AIX の ToolTalk ライブラリにおけるスタックベースのバッファオーバーフローの脆弱性 IBM AIX の ToolTalk ライブラリ内にある _tt_internal_realpath 関数には、/etc/inetd.conf において rpc.ttdbserver デーモンが有効な場合に、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2009-2727 40158 CVE-2009-2727 49963 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001895.html 2009-08-10 2009-08-18 View