IBM Informix Dynamic Server sysmaster Multiple Procedure Arbitrary Command Execution

2006-07-31T04:19:14
ID OSVDB:27684
Type osvdb
Reporter David Litchfield(david@ngssoftware.com)
Modified 2006-07-31T04:19:14

Description

Vulnerability Description

Informix Dynamic Server contains an unspecified flaw related to the dbimp and dbexp procedures in sysmaster that may allow an attacker to execute arbitrary code. No further details have been provided.

Solution Description

Upgrade to version 7.31.xD9, 9.40.xC7, 10.00.xC3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Informix Dynamic Server contains an unspecified flaw related to the dbimp and dbexp procedures in sysmaster that may allow an attacker to execute arbitrary code. No further details have been provided.

References:

Vendor URL: http://www-306.ibm.com/software/data/informix/ids/ Vendor Specific Advisory URL Secunia Advisory ID:21301 Related OSVDB ID: 27688 Related OSVDB ID: 27690 Related OSVDB ID: 27682 Related OSVDB ID: 27687 Related OSVDB ID: 27694 Related OSVDB ID: 27689 Related OSVDB ID: 27691 Related OSVDB ID: 27693 Related OSVDB ID: 27681 Related OSVDB ID: 27683 Related OSVDB ID: 27685 Related OSVDB ID: 27686 Related OSVDB ID: 27692 ISS X-Force ID: 28121 FrSIRT Advisory: ADV-2006-3077 Bugtraq ID: 19264