IBM Informix Dynamic Server “librpc.dll” Vulnerability Details Released

IBM has announced a vulnerability in Informix Dynamic Server versions prior to 7.31.xD11, 9.40.xC10, 10.00.xC8, and 11.10.xC2.
The vulnerability is caused by an integer overflow in librpc.dll and can be exploited to cause a heap-based buffer overflow via a specially crafted RPC packet sent to TCP port 36890.

Specifically, the following versions are vulnerable:
IBM Informix IDS 10.0.tc1
IBM Informix IDS 10.0
IBM Informix IDS 10.0.xC4
IBM Informix IDS 10.0 xC3
IBM Informix IDS 10.00.xC11
IBM Informix IDS 10.00.xC7W1
IBM Informix IDS 10.00.xC8
IBM Informix IDS 10.00.xC10
IBM Informix IDS 10.00.TC9
IBM Informix IDS 11.10
IBM Informix IDS 11.10.xC2
IBM Informix IDS 11.10.TC3
IBM Informix IDS 7.3
IBM Informix IDS 7.31
IBM Informix IDS 7.31.xD8
IBM Informix IDS 7.31.xD9
IBM Informix IDS 7.31.xD11
IBM Informix IDS 9.4
IBM Informix IDS 9.40xC7
IBM Informix IDS 9.40.0.UC1
IBM Informix IDS 9.40.0.UC2
IBM Informix IDS 9.40.0.UC3
IBM Informix IDS 9.40.TC5
IBM Informix IDS 9.40.UC5
IBM Informix IDS 9.40.xC10

IBM says the fix is to upgrade to versions 7.31.xD11, 9.40.xC10, 10.00.xC8, or 11.10.xC2 or later.
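
An added example (not from IBM or the original post): a version check that applies the fixed levels in the upgrade guidance above to version strings taken from an inventory. The version-string layout, the function names, and the treatment of a missing fix level as the base release are assumptions made for this example.

```python
import re

# Fixed levels from the upgrade guidance above, keyed by major version:
# 7.31.xD11, 9.40.xC10, 10.00.xC8, 11.10.xC2 -> (minor, fix level)
FIXED = {7: (31, 11), 9: (40, 10), 10: (0, 8), 11: (10, 2)}

# Assumed layout: <major>.<minor>[.0][. or space]<platform letter><C|D><fix level>[W<n>]
# Covers spellings such as 10.00.xC7W1, 9.40.0.UC1, 9.40xC7, "10.0 xC3" and bare "10.0".
VERSION_RE = re.compile(
    r"(?P<major>\d+)\.(?P<minor>\d{1,2})(?:\.0)?"
    r"(?:[.\s]*[A-Za-z][CcDd](?P<level>\d+)(?:[Ww]\d+)?)?\s*$"
)

def parse(version):
    """Return (major, minor, fix_level), or None if the string is not recognised."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return None
    minor = int(m.group("minor").ljust(2, "0"))  # "9.4" is read as 9.40
    level = int(m.group("level") or 0)           # no fix level: assume base release
    return int(m.group("major")), minor, level

def needs_upgrade(version):
    """True if below the fixed level for its major version, False if at or
    above it, None if unparseable or the major version is not in FIXED."""
    parsed = parse(version)
    if parsed is None or parsed[0] not in FIXED:
        return None
    major, minor, level = parsed
    return (minor, level) < FIXED[major]

if __name__ == "__main__":
    # Constructed inventory for illustration.
    for v in ["10.00.xC7W1", "10.00.xC8", "9.40.0.UC1", "7.3", "12.10.FC4"]:
        print(v, needs_upgrade(v))
```

A `None` result means the string needs a manual look rather than being treated as patched.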

References:
http://www.zerodayinitiative.com/advisories/ZDI-10-215

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity
