Intrusion Prevention

IBM.Informix.Dynamic.Server.Long.Username.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in IBM Informix Dynamic Server.
The vulnerability is caused by an error that occurs when the vulnerable software handles a long user name. A remote attacker may send a specially crafted request packet to execute arbitrary code.

Affected Products

IBM Informix Dynamic Server 9.40.UC5
IBM Informix Dynamic Server 9.40.UC3
IBM Informix Dynamic Server 9.40.UC2
IBM Informix Dynamic Server 9.40.UC1
IBM Informix Dynamic Server 9.40.TC5
IBM Informix Dynamic Server 9.40 xC7
IBM Informix Dynamic Server 9.4
IBM Informix Dynamic Server 7.31.xD8
IBM Informix Dynamic Server 7.3
IBM Informix Dynamic Server 10.0 xC3
IBM Informix Dynamic Server 10.0

Impact

System Compromise

Recommended Actions

Upgrade to the latest version, available from the following website:
http://www.ibm.com/support

CVE References

CVE-2006-3854