Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1208

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2011-1208
Last Modified 31 May 2011 12:00:00
Published 04 May 2011 10:39:46
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1208

Summary

IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command.

Vulnerable Systems

Application

  • Ibm Soliddb 4.5.167

  • Ibm Soliddb 4.5.168

  • Ibm Soliddb 4.5.169

  • Ibm Soliddb 4.5.173

  • Ibm Soliddb 4.5.175

  • Ibm Soliddb 4.5.176

  • Ibm Soliddb 4.5.178

  • Ibm Soliddb 4.5.179

  • Ibm Soliddb 4.5.180

  • Ibm Soliddb 4.5.181

  • Ibm Soliddb 6.0.1060

  • Ibm Soliddb 6.0.1061

  • Ibm Soliddb 6.0.1064

  • Ibm Soliddb 6.0.1065

  • Ibm Soliddb 6.0.1066

  • Ibm Soliddb 6.0.1067

  • Ibm Soliddb 6.0.1068

  • Ibm Soliddb 6.1.18

  • Ibm Soliddb 6.1.20

  • Ibm Soliddb 6.3.33

  • Ibm Soliddb 6.3.37

  • Ibm Soliddb 6.3.38

  • Ibm Soliddb 6.3.39

  • Ibm Soliddb 6.3.40

  • Ibm Soliddb 6.3.44

  • Ibm Soliddb 6.3.47

  • Ibm Soliddb 6.3.48

  • Ibm Soliddb 6.5.0.0

  • Ibm Soliddb 6.5.0.1

  • Ibm Soliddb 6.5.0.2

  • Ibm Soliddb 6.5.0.3


References

XF - soliddb-null-pointer-dos(67019)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-11-142/

VUPEN - ADV-2011-1117

BID - 47584

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21496106

SECTRACK - 1025451

SECUNIA - 44380


Last Updated: 27 May 2016 10:56:13