Signature Detail

APP: IBM Informix Dynamic Server Command Argument Processing Stack Overflow

This signature detects attempts to exploit a known vulnerability in the IBM Informix Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

IBM Informix Dynamic Server is prone to multiple remote vulnerabilities: - Two buffer-overflow vulnerabilities. - An unspecified vulnerability when handling malformed packets. An attacker can exploit these issues to execute arbitrary code with superuser privileges. Successfully exploiting these issues will result in the complete compromise of affected computers. Failed exploit attempts will cause denial-of-service conditions.

Affected Products

• IBM Informix IDS 10.0
• IBM Informix IDS 10.00.xC7W1
• IBM Informix IDS 10.00.xC8
• IBM Informix IDS 10.0 xC3
• IBM Informix IDS 10.0.xC4
• IBM Informix IDS 11.10
• IBM Informix IDS 11.10.xC2
• IBM Informix IDS 7.3
• IBM Informix IDS 7.31 .xD8
• IBM Informix IDS 7.31 .xD9
• IBM Informix IDS 9.3.0
• IBM Informix IDS 9.4
• IBM Informix IDS 9.40
• IBM Informix IDS 9.40.0 .UC1
• IBM Informix IDS 9.40.0 .UC2
• IBM Informix IDS 9.40.0 .UC3
• IBM Informix IDS 9.40.TC5
• IBM Informix IDS 9.40.UC5
• IBM Informix IDS 9.40.xD8

References

• BugTraq: 28198
• BugTraq: 19264
• CVE: CVE-2006-3853
• CVE: CVE-2008-0727
• CVE: CVE-2006-3854