PT-2006-6370 · Ibm · Ibm Informix Dynamic Server+2

Published

2006-11-03

Updated

2011-03-08

CVE-2006-5663

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: IBM Informix Dynamic Server version 10.00 Informix Client Software Development Kit (CSDK) version 2.90 Informix I-Connect version 2.90

Description: The issue allows local users to gain privileges by modifying installation scripts due to insecure permissions.

Recommendations: For IBM Informix Dynamic Server version 10.00, update the installation script permissions to prevent local users from modifying them. For Informix Client Software Development Kit (CSDK) version 2.90, adjust the permissions of the installation scripts to restrict access. For Informix I-Connect version 2.90, change the permissions of the installation scripts to secure them against modification by local users.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5663

Affected Products

Ibm Informix Dynamic Server

Informix Client Software Development Kit

Informix I-Connect

PT-2006-6370 · Ibm · Ibm Informix Dynamic Server+2

CVE-2006-5663

Related Identifiers

Affected Products

References · 5