CVE-2006-3858

2006-08-0822:00:00

mitre

www.cve.org

AI Score

Confidence

Low

EPSS

Percentile

9.8%

JSON

IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772).

References

secunia.com/advisories/21301

www-1.ibm.com/support/docview.wss?uid=swg21242921

www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf

www.osvdb.org/27691

www.securityfocus.com/archive/1/443133/100/0/threaded

www.securityfocus.com/archive/1/443195/100/0/threaded

www.securityfocus.com/bid/19264

www.vupen.com/english/advisories/2006/3077

exchange.xforce.ibmcloud.com/vulnerabilities/28132