Test Kennung:	1.3.6.1.4.1.25623.1.0.902548
Kategorie:	Buffer overflow
Titel:	IBM Informix Dynamic Server Oninit Remote Code Execution Vulnerability - Linux
Zusammenfassung:	IBM Informix Dynamic Server is prone to a remote code execution (RCE) vulnerability.
Beschreibung:	Summary: IBM Informix Dynamic Server is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: The flaw is due to a boundary error in the oninit process bound to TCP port 9088 when processing the arguments to the USELASTCOMMITTED option in a SQL query. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code with SYSTEM-level privileges. Affected Software/OS: IBM Informix Dynamic Server (IDS) version 11.50 Solution: Upgrade to IBM Informix IDS version 11.50.xC8 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1033 BugTraq ID: 46230 http://www.securityfocus.com/bid/46230 Bugtraq: 20110207 ZDI-11-050: IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516250/100/0/threaded http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm http://zerodayinitiative.com/advisories/ZDI-11-050/ http://secunia.com/advisories/43212 http://securityreason.com/securityalert/8078 http://www.vupen.com/english/advisories/2011/0309 XForce ISS Database: ibm-informix-dynamic-oninit-bo(65209) https://exchange.xforce.ibmcloud.com/vulnerabilities/65209
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.