Lucene search

SAINT CorporationSAINT:6F888E0CF477093D85A8D08C42FB00FE

HistoryMay 09, 2008 - 12:00 a.m.

Informix Dynamic Server sqlexec password argument buffer overflow

2008-05-0900:00:00

SAINT Corporation

my.saintcorporation.com

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:C/A:C

0.908 High

EPSS

Percentile

98.8%

JSON

Added: 05/09/2008
CVE: CVE-2008-0727
BID: 28198
OSVDB: 42701

Background

Informix Dynamic Server is a database solution from IBM. The **oninit.exe** process listens for connections on port 1526/TCP.

Problem

The **oninit.exe** process does not sufficiently check the length of command-line arguments passed to the **sqlexec** program. This allows remote attackers to execute commands by specifying a long, specially crafted password argument.

Resolution

Apply one of the updates referenced in ZDI-08-012.

References

<http://www.zerodayinitiative.com/advisories/ZDI-08-012/>

Limitations

Exploit works on Informix Dynamic Server 10.00.TC3.

Platforms

Windows

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:C/A:C

0.908 High

EPSS

Percentile

98.8%

JSON

Related for SAINT:6F888E0CF477093D85A8D08C42FB00FE