Computer Security Global Security Mag Online anti virus spywares job oofers telecom and network security

INTERNATIONAL
 Security Vulnerability

GS Mag n°12
Next Issues
Subscriptions
Publicity

Google

 Flux RSS
 












Nous gérons le fil d'information de l'officiel du bateau : bateau occasion
 
Vigil@nce: Ingres, buffer overflow of iidbms
February 2010  by Vigil@nce

An attacker can send a malicious query to the iidbms process of Ingres, in order to generate a denial of service or to execute code.

- Severity: 2/4
- Consequences: privileged access/rights, denial of service of service
- Provenance: intranet client
- Means of attack: no proof of concept, no attack
- Ability of attacker: expert (4/4)
- Confidence: unique source (2/5)
- Diffusion of the vulnerable configuration: high (3/3)
- Creation date: 29/01/2010

IMPACTED PRODUCTS

- CA Ingres

DESCRIPTION OF THE VULNERABILITY

The iidbms (Ingres II DBMS) process is the data manager engine.

An unauthenticated attacker can send a message containing a long field to iidbms, which creates a buffer overflow.

An attacker can therefore send a malicious query to the iidbms process of Ingres, in order to generate a denial of service or to execute code.

CHARACTERISTICS

- Identifiers: BID-38001, VIGILANCE-VUL-9393
- Url: http://vigilance.fr/vulnerability/I...

< previous      next >














home mail ?
Home Contact About Prowebserenity

 
Stay informed with Global Security Mag newsletters
copyright® 2007 S.I.M. Publicité