Description: Some vulnerabilities have been reported in IBM Informix Dynamic Server, which can be exploited by malicious people or malicious users to compromise a vulnerable system.
1) A boundary error within the handling of connection requests can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet containing an overly large number of parameters.
2) A boundary error within oinit.exe when processing the DBPATH variable during authentication can be exploited to cause a buffer overflow via an overly long DBPATH variable sent to default port 1526/TCP.
3) A boundary error within oinit.exe when processing passwords during authentication can be exploited to cause a stack-based buffer overflow via an overly long password sent to default port 1526/TCP.
Successful exploitation of these vulnerabilities may allow execution of arbitrary code.
Solution: Apply updates (see vendor's advisory for details).
Provided and/or discovered by: 1) MWR InfoSecurity
2) An anonymous researcher, reported via ZDI.
3) An anonymous researcher, reported via ZDI.
Changelog: 2008-03-14: Added links to "Original Advisory" section. Updated "Solution" and "Description" sections based on additional information from ZDI.
2008-04-14: Added link to IBM in "Original Advisory" section.
2008-04-16: Updated "Description". Added link to MWR InfoSecurity.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
