solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
Metric | Value |
---|---|
Vector | NETWORK |
Complexity | LOW |
Authentication | NONE |
Confidentiality | NONE |
Integrity | NONE |
Availability | PARTIAL |
IBM solidDB 6.0.1064
IBM solidDB 6.3.33 (6.3 Fix Pack 2)
IBM solidDB 6.0.1061
IBM solidDB 6.1.20
IBM solidDB 6.5.0.3 (Fix Pack 3)
IBM solidDB 4.5.168
IBM solidDB 4.5.169
IBM solidDB 6.5.0.0
IBM solidDB 6.5.0.1 (Fix Pack 1)
IBM solidDB 6.5.0.2 (Fix Pack 2)
IBM solidDB 6.30.0039 (6.3 Fix Pack 4)
IBM solidDB 6.1
IBM solidDB 4.5.173
IBM solidDB 4.5.175
IBM solidDB 4.5.176
IBM solidDB 6.30.0044 (6.3 Fix Pack 6)
IBM solidDB 4.5.178
IBM solidDB 4.5.167
IBM solidDB 6.0.1060
IBM solidDB 6.30.0040 (6.3 Fix Pack 5)
IBM solidDB 6.0.1066
IBM solidDB 6.0.1065
IBM solidDB 6.3.37 (6.3 Fix Pack 3)
Ibm Soliddb 06.30.0047 (not an official CPE)
Advisory | Patch | Confirmed | Link |
---|---|---|---|
ibm-solid-database-server-dos(62590) | | | |
ADV-2010-2715 | | | |
15261 | | | |
1024597 | | | |
http://aluigi.altervista.org/adv/soliddb_1-adv.txt | | | |