CVE-2011-1208

Name of the Vulnerable Software and Affected Versions IBM solidDB versions 4.5.x through 4.5.181 IBM solidDB versions 6.0.x through 6.0.1068 IBM solidDB versions 6.1.x through 6.3.48 IBM solidDB versions 6.3.x through 6.3.48 IBM solidDB versions 6.5.x through 6.5.0.3

Description The issue arises from improper handling of the rpc test svc readwrite and rpc test svc done commands, allowing remote attackers to cause a denial of service via a crafted command, resulting in a NULL pointer dereference and daemon crash.

Recommendations For IBM solidDB versions 4.5.x, update to version 4.5.182 or later. For IBM solidDB versions 6.0.x, update to version 6.0.1069 or later. For IBM solidDB versions 6.1.x and 6.3.x, update to version 6.3 FP8 (aka 6.3.49) or later. For IBM solidDB versions 6.5.x, update to version 6.5 FP4 (aka 6.5.0.4) or later.