This event is generated when an attempt is made to disable the rpc.ttdbservd service.
Impact
Denial of service. A successful attack may kill the ToolTalk database server.
Detailed Information
The ttdbserverd RPC service, more commonly known as the ToolTalk database server, allows applications to communicate in the Common Desktop Environment (CDE). The ToolTalk service receives ToolTalk messages created and sent by applications and delivers them to the appropriate recipient applications. The ToolTalk database server is enabled by default on hosts with CDE. Due to an implementation fault in rpc.ttdbserverd, it is possible for a malicious remote client to formulate an RPC message that will cause the server to crash.