Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2131

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-2131
Last Modified 05 Sep 2008 04:43:16
Published 27 Jan 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2131

Summary

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.

Vulnerable Systems

Application

  • Ibm Informix Dynamic Server 9.40.uc1

  • Ibm Informix Dynamic Server 9.40.uc2

  • Ibm Informix Extended Parallel Server 8.40 Uc1


References

BID - 9512

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21153336

BUGTRAQ - 20040129 ----------========== OPEN3S-2003-08-08-eng-informix-ontape

XF - informix-ontape-binary-bo(14970)

OSVDB - 3759

SECUNIA - 10737


Last Updated: 27 May 2016 10:39:21