Credit:
The information has been provided by iDefense Labs.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=650
Vulnerable Systems:
* IBM Corp.'s Informix Dynamic Server version 10.00 UC6TL installed on a Linux
Immune Systems:
* IBM Corp.'s Informix Dynamic Server version 10.00.xC8
When the SQLIDEBUG environment variable is set, several set-uid binaries will log debugging information to the specified file.
Analysis:
Exploitation allows local attackers to gain root privileges.
After the set-uid binary creates the log file with elevated privileges, the file's ownership is changed to the user and group of the invoking (real) user. As a result, a local attacker can create files they own anywhere on the file system.
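As an added illustration in C (not code from the advisory or from IBM), the mechanism described above: the unsafe sequence the advisory attributes to the set-uid binaries, beside a hardened variant that ignores SQLIDEBUG whenever the real and effective identities differ. Function names, the checks and the open flags are my own choices, not Informix's.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>

/* Unsafe pattern, as the advisory describes it: a set-uid binary takes the
 * log path from the environment, creates the file while privileged, then
 * hands ownership to the real user. Whatever path the caller names is created. */
int open_debug_log_unsafe(const char *env_path)
{
    int fd = open(env_path, O_WRONLY | O_CREAT | O_APPEND, 0644);
    if (fd < 0)
        return -1;
    (void)fchown(fd, getuid(), getgid());   /* ownership follows the real user */
    return fd;
}

/* Returns 1 only when real and effective identities match, i.e. the process
 * holds no privilege the invoking user lacks. glibc's secure_getenv() applies
 * the same idea (via AT_SECURE) and returns NULL in a set-uid process. */
int env_is_trustworthy(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == euid && rgid == egid;
}

/* Hardened variant: refuse environment-supplied paths in a set-uid context,
 * and otherwise create only a brand-new regular file (no reuse, no links). */
int open_debug_log_safe(const char *env_path,
                        uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    if (env_path == NULL || !env_is_trustworthy(ruid, euid, rgid, egid))
        return -1;                      /* SQLIDEBUG ignored when privileged */
    return open(env_path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

int main(void)
{
    const char *path = getenv("SQLIDEBUG");   /* same variable as the advisory */
    int fd = open_debug_log_safe(path, getuid(), geteuid(), getgid(), getegid());
    if (fd < 0) {
        fputs("debug logging disabled\n", stderr);
        return 0;
    }
    static const char msg[] = "debug log opened\n";
    (void)write(fd, msg, sizeof msg - 1);
    close(fd);
    return 0;
}
```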
Workaround:
Removing the set-uid bit from all programs included with Informix will prevent exploitation. However, this could disable some functionality for non-root users.
Vendor response:
IBM Corp. has addressed this vulnerability with the release of version 10.00.xC8 of Informix Dynamic Server. For more information, visit the following URL: http://www-1.ibm.com/support/docview.wss?uid=swg27011556
CVE Information:
CVE-2008-0369
Disclosure Timeline:
09/01/2007 - Initial vendor notification
09/13/2007 - Initial vendor response
01/31/2008 - Coordinated public disclosure