ID de Prueba:	1.3.6.1.4.1.25623.1.0.902548
Categoría:	Buffer overflow
Título:	IBM Informix Dynamic Server Oninit Remote Code Execution Vulnerability - Linux
Resumen:	IBM Informix Dynamic Server is prone to a remote code execution (RCE) vulnerability.
Descripción:	Summary: IBM Informix Dynamic Server is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: The flaw is due to a boundary error in the oninit process bound to TCP port 9088 when processing the arguments to the USELASTCOMMITTED option in a SQL query. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code with SYSTEM-level privileges. Affected Software/OS: IBM Informix Dynamic Server (IDS) version 11.50 Solution: Upgrade to IBM Informix IDS version 11.50.xC8 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1033 BugTraq ID: 46230 http://www.securityfocus.com/bid/46230 Bugtraq: 20110207 ZDI-11-050: IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516250/100/0/threaded http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm http://zerodayinitiative.com/advisories/ZDI-11-050/ http://secunia.com/advisories/43212 http://securityreason.com/securityalert/8078 http://www.vupen.com/english/advisories/2011/0309 XForce ISS Database: ibm-informix-dynamic-oninit-bo(65209) https://exchange.xforce.ibmcloud.com/vulnerabilities/65209
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.