Lucene search

[email protected]CVE-2004-2319

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2319

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ibm

informix dynamic server

ids

security vulnerability

local user

file manipulation

symlink attack

nvd

cve-2004-2319

6.8 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit.

CPENameOperatorVersion
ibm:informix_dynamic_serveribm informix dynamic servereq9.40.uc2
ibm:informix_extended_parallel_serveribm informix extended parallel servereq8.40_uc1
ibm:informix_dynamic_serveribm informix dynamic servereq9.40.uc1
ibm:informix_extended_parallel_serveribm informix extended parallel servereq8.40_uc2

CPE	Name	Operator	Version
ibm:informix_dynamic_server	ibm informix dynamic server	eq	9.40.uc2
ibm:informix_extended_parallel_server	ibm informix extended parallel server	eq	8.40_uc1
ibm:informix_dynamic_server	ibm informix dynamic server	eq	9.40.uc1
ibm:informix_extended_parallel_server	ibm informix extended parallel server	eq	8.40_uc2

References

secunia.com/advisories/10737/

www-1.ibm.com/support/docview.wss?uid=swg21153336

www.osvdb.org/3758

www.osvdb.org/3760

www.securityfocus.com/archive/1/351770

www.securityfocus.com/bid/9511

www.securityfocus.com/bid/9512

exchange.xforce.ibmcloud.com/vulnerabilities/14969

exchange.xforce.ibmcloud.com/vulnerabilities/14971

6.8 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON