Computer Security

IBM Informix Dynamic Server multiple security vulnerabilities

back  news / advisories / software / search /  forward
[EN] securityvulns.ru no-pyccku


IBM Informix Dynamic Server multiple security vulnerabilities
Published:06.02.2008
Source:
SecurityVulns ID:8635
Type:remote
Threat Level:
5/10
Description:SQLIDEBUG and onedcu operators allow to access arbitrary files.
Affected:IBM : Informix Dynamic Server 10.00
CVE:CVE-2008-0369 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows attackers to create files via unspecified vectors involving the SQLIDEBUG environment variable.)
 CVE-2008-0368 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows attackers to create files via unspecified vectors involving the onedcu program.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server onedcu File Creation Vulnerability (06.02.2008)
 documentIDEFENSE, iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability (06.02.2008)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod