2 matches found
iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server onedcu File Creation Vulnerability
iDefense Security Advisory 01.31.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 31, 2008 I. BACKGROUND IBM Corp.'s Informix Dynamic Server is an online transaction processing data server. For more information, visit the product's homepage at the following URL...
CVE-2008-0368
CVE-2008-0368 affects IBM Informix Dynamic Server (IDS) 10.x prior to 10.00.xC8. The vulnerability arises in the set-uid onedcu tool, where the second parameter Trace file is opened for writing with elevated privileges, enabling local attackers to create arbitrary files and potentially gain root ...