Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1705

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-1705
Last Modified 07 Mar 2011 10:07:30
Published 09 Apr 2008 03:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1705

Summary

Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields.

Vulnerable Systems

Application

  • Ibm Soliddb 06.00.1018


References

XF - ibm-soliddb-solid-format-string(41485)

VUPEN - ADV-2008-1038

BID - 28468

BUGTRAQ - 20080326 Multiple vulnerabilities in solidDB 06.00.1018

SECTRACK - 1019721

SECUNIA - 29512

MISC - http://aluigi.org/poc/soliduro.zip

MISC - http://aluigi.altervista.org/adv/soliduro-adv.txt


Last Updated: 27 May 2016 10:47:38