Lucene search

SAINT CorporationSAINT:FFAABD46A181672ADE7C70D864FDD86C

HistoryMay 09, 2008 - 12:00 a.m.

Informix Dynamic Server sqlexec password argument buffer overflow

2008-05-0900:00:00

SAINT Corporation

download.saintcorporation.com

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:C/A:C

0.924 High

EPSS

Percentile

98.7%

JSON

Added: 05/09/2008
CVE: CVE-2008-0727
BID: 28198
OSVDB: 42701

Background

Informix Dynamic Server is a database solution from IBM. The **oninit.exe** process listens for connections on port 1526/TCP.

Problem

The **oninit.exe** process does not sufficiently check the length of command-line arguments passed to the **sqlexec** program. This allows remote attackers to execute commands by specifying a long, specially crafted password argument.

Resolution

Apply one of the updates referenced in ZDI-08-012.

References

<http://www.zerodayinitiative.com/advisories/ZDI-08-012/>

Limitations

Exploit works on Informix Dynamic Server 10.00.TC3.

Platforms

Windows

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:C/A:C

0.924 High

EPSS

Percentile

98.7%

JSON

Related for SAINT:FFAABD46A181672ADE7C70D864FDD86C