IBM solidDB Format String and Memory Errors Let Remote Users Execute Arbitrary Code or Deny Service

SecurityTracker Alert ID: 1019721
SecurityTracker URL: http://securitytracker.com/id/1019721
CVE Reference: CVE-2008-1705, CVE-2008-1706, CVE-2008-1707, CVE-2008-1708
Updated: Apr 18 2008
Original Entry Date: Mar 27 2008
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network
Exploit Included: Yes
Version(s): 6.00.1018 and prior versions

Description:
Several vulnerabilities were reported in IBM solidDB. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to trigger a format string flaw in the logging function and execute arbitrary code on the target system.
A remote user can send specially crafted data to trigger an invalid array index, a null pointer dereference, or a memory allocation error to cause the target service to crash.
Demonstration exploit code is available at:
http://aluigi.org/poc/soliduro.zip
The original advisory is available at:
http://aluigi.altervista.org/adv/soliduro-adv.txt
Luigi Auriemma reported this vulnerability.

Impact:
A remote user can execute arbitrary code on the target system.
A remote user can cause denial of service conditions.

Solution:
No solution was available at the time of this entry.

Vendor URL: www.solidtech.com/en/products/relationaldatabasemanagementsoftware/embed.asp

Cause: Access control error, Input validation error, State error

Underlying OS: Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)