Computer Security Global Security Mag Online anti virus spywares job oofers telecom and network security

Global Security Magazine Online antivirus

INTERNATIONAL

Security Vulnerability

Next Issues

Subscriptions

Publicity

Flux RSS

Vigil@nce: Ingres, buffer overflow of iidbms

February 2010 by Vigil@nce

An attacker can send a malicious query to the iidbms process of Ingres, in order to generate a denial of service or to execute code.

Severity: 2/4
Consequences: privileged access/rights, denial of service of service
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 29/01/2010

IMPACTED PRODUCTS

CA Ingres

DESCRIPTION OF THE VULNERABILITY

The iidbms (Ingres II DBMS) process is the data manager engine.

An unauthenticated attacker can send a message containing a long field to iidbms, which creates a buffer overflow.

An attacker can therefore send a malicious query to the iidbms process of Ingres, in order to generate a denial of service or to execute code.

CHARACTERISTICS

Identifiers: BID-38001, VIGILANCE-VUL-9393
Url: http://vigilance.fr/vulnerability/I...

< previous next >


Home	Contact	About	Prowebserenity

Stay informed with Global Security Mag newsletters
copyright® 2007 S.I.M. Publicité

S'identifier ADMIN