Body Background
TrendAI™ Zero Day Initiative™ Logo

IBM Informix Dynamic Server oninit.exe EXPLAIN Remote Code Execution Vulnerability

October 18th, 2010
ZDI-10-216 ZDI-CAN-288

CVE ID

CVSS Score

9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Affected Vendors

IBM

Affected Products

Informix

Vulnerability Details

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is required in that an attacker must have valid credentials to connect to the database.

The specific flaw exists within the oninit.exe process bound by default to TCP port 9088 or 1526. A lack of sanity checking within a logging function can result in a stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user.

Additional Details

this issue is fixed in version by defect #

idsdb00154243 - 11.50.xC1
idsdb00154125 - 11.10.xC2W2


Disclosure Timeline

  • 2008-02-07 - Vulnerability reported to vendor
  • 2010-10-18 - Coordinated public release of advisory

Credit

Anonymous

Back to Advisories

Hero Background

Stand at the front line of proactive security

Trend ZDI connects the experts who discover, remediate, and defend.
Add your voice to the work that pushes attackers back.

RESEARCHERS

Submit a vulnerability

VENDORS

Learn how it works

ORGANIZATIONS

See how you're protected