Critical ToolTalk Database Server Parser vulnerability discovered

Check Point announced that its IPS Research team has recently discovered a critical vulnerability in a function of the ToolTalk Database Server Parser that can enable a remote attacker to potentially inject and execute arbitrary code onto the affected system.

The vulnerability identified is in the RPC-based ToolTalk database server that creates and manages database files and affects all system users with IBM AIX Version 6.1.3 and lower, Sun Solaris 10 Sparc/x86 and lower, as well as HP HP-UX 11.0 and lower.

The vulnerability was discovered and responsibly disclosed to vendors by the IPS Research team. Check Point recommends applying the latest vendor patches and getting immediate protection by applying the latest IPS update.