PT-2010-1272 · Ibm · Librpc.Dll+2

Sebastian Apelt · Published 2010-03-01 · Updated 2018-10-10 · CVE-2009-2753

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

IBM Informix Dynamic Server (IDS) versions 10.x prior to 10.00.TC9
IBM Informix Dynamic Server (IDS) versions 11.x prior to 11.10.TC3

Description

The issue concerns multiple buffer overflows in the authentication functionality of the Informix Storage Manager (ISM) Portmapper service, specifically within the librpc.dll component. This allows remote attackers to execute arbitrary code by providing a crafted parameter size.

Recommendations

For IBM Informix Dynamic Server (IDS) versions 10.x prior to 10.00.TC9, update to version 10.00.TC9 or later.
For IBM Informix Dynamic Server (IDS) versions 11.x prior to 11.10.TC3, update to version 11.10.TC3 or later.

Exploit

Fix

Buffer Overflow


Weakness Enumeration

Related Identifiers

CVE-2009-2753
ZDI-10-022

Affected Products

Ibm Informix Dynamic Server
Informix Storage Manager
Librpc.Dll