CVE-2011-1208

Sažetak

IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command.

Reference

http://secunia.com/advisories/44380
http://securitytracker.com/id?1025451
http://www.ibm.com/support/docview.wss?uid=swg21496106
http://www.securityfocus.com/bid/47584
http://www.vupen.com/english/advisories/2011/1117
http://www.zerodayinitiative.com/advisories/ZDI-11-142/
https://exchange.xforce.ibmcloud.com/vulnerabilities/67019

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

17-08-2017 - 01:34

Objavljeno

05-05-2011 - 02:39