CVE-2009-2753

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.vupen.com/english/advisories/2010/0508	Patch Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg1IC55330
http://secunia.com/advisories/38731	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-10-022
http://www.ibm.com/support/docview.wss?uid=swg1IC55329
http://securitytracker.com/id?1023669
http://www.securityfocus.com/bid/38471
http://www.securityfocus.com/archive/1/509789/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:informix_dynamic_server:10.0.tc1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc8:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc9:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc8e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc9e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc3e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1de:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc4:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc5:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc4e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc5e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc10:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc7e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc6:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc10e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc6e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3e:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc7:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc3:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc2e:::::::*

Information

Published : 2010-03-05 08:30

Updated : 2018-10-10 12:42

NVD link : CVE-2009-2753

Mitre link : CVE-2009-2753

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

ibm

informix_dynamic_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.vupen.com/english/advisories/2010/0508", "name": "ADV-2010-0508", "tags": ["Patch", "Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55330", "name": "IC55330", "tags": [], "refsource": "AIXAPAR"}, {"url": "http://secunia.com/advisories/38731", "name": "38731", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-022", "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-022", "tags": [], "refsource": "MISC"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55329", "name": "IC55329", "tags": [], "refsource": "AIXAPAR"}, {"url": "http://securitytracker.com/id?1023669", "name": "1023669", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/38471", "name": "38471", "tags": [], "refsource": "BID"}, {"url": "http://www.securityfocus.com/archive/1/509789/100/0/threaded", "name": "20100301 ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-2753", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-03-05T16:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.tc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc8e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc9e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc3e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1de:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc4e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc5e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc7e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc10e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc6e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc2e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-10T19:42Z"}

10.0 /10