CVE-2009-2727
IBM AIX 5.2.0, 5.3.0, 5.3.7-5.3.10, 6.1.0-6.1.3 - Stack-Based Buffer Overflow in _tt_internal_realpath
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2009-2727.
PoCs published by Metasploit, Ramon de C Valle, including Metasploit module exploits/aix/rpc_ttdbserverd_realpath.
AI-analyzed exploit summary This is a Metasploit module exploiting a buffer overflow in the ToolTalk database server (rpc.ttdbserverd) on IBM AIX systems. It targets multiple AIX versions and uses a brute-force approach to bypass memory address randomization.
Description
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15.
Exploits (2)
This is a Metasploit module exploiting a buffer overflow in the ToolTalk database server (rpc.ttdbserverd) on IBM AIX systems. It targets multiple AIX versions and uses a brute-force approach to bypass memory address randomization.
This Metasploit module exploits a buffer overflow in the _tt_internal_realpath function of the ToolTalk database server (rpc.ttdbserverd) on IBM AIX systems. It includes multiple targets for different AIX versions and uses a brute-force approach to bypass memory randomization.