What is CVE-2009-2727?

CVE-2009-2727 is a vulnerability in N/a. Published 2009-08-10.

Is CVE-2009-2727 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-2727

Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allow…

EPSS: 0.784 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

IZ52843 (vendor-advisory, x_refsource_AIXAPAR)
35505 (x_refsource_SECUNIA, third-party-advisory)
aix.software.ibm.com/aix/efixes/security/libtt_advisory.asc (x_refsource_CONFIRM)
ADV-2009-1620 (vdb-entry, x_refsource_VUPEN)
IZ52848 (vendor-advisory, x_refsource_AIXAPAR)
IZ52844 (vendor-advisory, x_refsource_AIXAPAR)
risesecurity.org/advisories/RISE-2009001.txt (x_refsource_MISC)
IZ52850 (vendor-advisory, x_refsource_AIXAPAR)
IZ52847 (vendor-advisory, x_refsource_AIXAPAR)
IZ52849 (vendor-advisory, x_refsource_AIXAPAR)

Frequently asked questions

What is CVE-2009-2727?: CVE-2009-2727 is a vulnerability in N/a. Published 2009-08-10.
Is CVE-2009-2727 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.