IBM Informix Dynamic Server SET DEBUG FILE Overflow

2006-07-31T04:19:14
ID OSVDB:27687
Type osvdb
Reporter David Litchfield(david@ngssoftware.com)
Modified 2006-07-31T04:19:14

Description

Vulnerability Description

Informix Dynamic Server contains an unspecified flaw related to an overflow in the SET DEBUG FILE statement that may allow an attacker to execute arbitrary code. No further details have been provided.

Solution Description

Upgrade to version 9.40.xC7, 10.00.xC3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Informix Dynamic Server contains an unspecified flaw related to an overflow in the SET DEBUG FILE statement that may allow an attacker to execute arbitrary code. No further details have been provided.

References:

Vendor URL: http://www-306.ibm.com/software/data/informix/ids/ Vendor Specific Advisory URL Secunia Advisory ID:21301 Related OSVDB ID: 27688 Related OSVDB ID: 27690 Related OSVDB ID: 27682 Related OSVDB ID: 27684 Related OSVDB ID: 27694 Related OSVDB ID: 27689 Related OSVDB ID: 27691 Related OSVDB ID: 27693 Related OSVDB ID: 27681 Related OSVDB ID: 27683 Related OSVDB ID: 27685 Related OSVDB ID: 27686 Related OSVDB ID: 27692 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0292.html Keyword: #NISR02082006D ISS X-Force ID: 28126 FrSIRT Advisory: ADV-2006-3077 CVE-2006-3857 Bugtraq ID: 19264