Short Name |
DB:INGRESDB-IIDBMS-OF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
Ingres Database iidbms Buffer Overflow |
Release Date |
2010/09/28 |
Update Number |
1780 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Ingres Database. It is due to insufficient boundary checking in the iidbms component of the Ingres Database. Remote unauthenticated attackers can exploit this by sending a specially crafted request to the database server. A successful attack can cause a heap buffer overflow resulting in a denial of service; or allow execution of arbitrary code with the privileges of the affected process.
Ingres Database is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with the privileges of the application or crash the affected application. Ingres Database 9.3 on Unix is vulnerable; other versions may also be affected.