Description
IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit.
Affected products
- ibm / informix_dynamic_server9.40.uc1 – 9.40.uc1
- ibm / informix_dynamic_server9.40.uc2 – 9.40.uc2
- ibm / informix_extended_parallel_server8.40_uc1 – 8.40_uc1
- ibm / informix_extended_parallel_server8.40_uc2 – 8.40_uc2
References
- MISChttp://www.osvdb.org/3760
- MISChttp://www.securityfocus.com/bid/9511
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/14969
- MISChttp://www.securityfocus.com/bid/9512
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/14971
- VENDOR_ADVISORYhttp://secunia.com/advisories/10737/
- MISChttp://www.osvdb.org/3758
- MISChttp://www-1.ibm.com/support/docview.wss?uid=swg21153336
- MISChttp://www.securityfocus.com/archive/1/351770