PT-2004-3027 · Ibm · Ibm Informix Dynamic Server

Publicado

2004-01-27

Atualizado

2017-07-11

CVE-2004-2131

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM Informix Dynamic Server (IDS) versions 9.40.xC3 and earlier

Description A stack-based buffer overflow issue exists, allowing local users with DSA privileges to execute arbitrary code via a long ONCONFIG environment variable.

Recommendations For IBM Informix Dynamic Server (IDS) versions 9.40.xC3 and earlier, consider restricting access to the ontape utility until a fix is available, and limit the length of the ONCONFIG environment variable to prevent exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-2131

Produtos afetados

Ibm Informix Dynamic Server

PT-2004-3027 · Ibm · Ibm Informix Dynamic Server

CVE-2004-2131

Identificadores relacionados

Produtos afetados

Referências · 9