CVE-2008-0368

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2008-0368 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The information has been provided by iDefense Labs.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=651

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2008-0368

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* IBM Corp.'s Informix Dynamic Server version 10.00 UC6TL installed on a Linux system

Immune Systems:
* IBM Corp.'s Informix Dynamic Server version 10.00.xC8

The set-uid root "onedcu" command requires six parameters to be specified when it is executed. The second parameter is a "Trace" file that this program will open and write to with elevated privileges.

Analysis:
Exploitation allows local attackers to gain root privileges.

Workaround:
Removing the set-uid bit from the "onedcu" program included with Informix will prevent exploitation. However, this could disable some functionality for non-root users.

Vendor response:
IBM Corp. has addressed this vulnerability with the release of version 10.00.xC8 of Informix Dynamic Server. For more information, visit the following URL http://www-1.ibm.com/support/docview.wss?uid=swg27011556

CVE Information:
CVE-2008-0368

Disclosure Timeline:
09/01/2007 - Initial vendor notification
09/13/2007 - Initial vendor response
01/31/2008 - Coordinated public disclosure

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus