Two security holes in a graphical user interface common on Unix and Linux systems from vendors such as IBM, Sun Microsystems Inc. and Hewlett-Packard Co. could allow an attacker to launch a denial-of-service attack or overwrite files on affected systems, according to a new security bulletin released yesterday by the Computer Emergency Response Team/Coordination Center (CERT/CC). The flaws exist in the ToolTalk component of the Common Desktop Environment (CDE), a tool used to add a graphical interface to systems running Unix and Linux that traditionally use command line interfaces. The ToolTalk system is used to give applications a way to send messages to each other across platforms and systems, CERT/CC said in its advisory. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.