Multiple vulnerabilities in IBM Informix Dynamic Server
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2018-1632 CVE-2018-1633 CVE-2018-1634 CVE-2018-1635 CVE-2018-1636 CVE-2018-1796 CVE-2019-4253 |
| CWE-ID | CWE-264 CWE-119 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Informix Dynamic Server Server applications / Web servers |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU35619
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1632
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in .infxdirs. IBM X-Force ID: 144432.
MitigationInstall update from vendor's website.
Vulnerable software versionsInformix Dynamic Server: 12.10
External linkshttp://www.ibm.com/support/docview.wss?uid=ibm10964987
http://exchange.xforce.ibmcloud.com/vulnerabilities/144432
http://security.netapp.com/advisory/ntap-20190903-0002/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU35620
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1633
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. IBM X-Force ID: 144434.
MitigationInstall update from vendor's website.
Vulnerable software versionsInformix Dynamic Server: 12.10
External linkshttp://www.ibm.com/support/docview.wss?uid=ibm10964987
http://exchange.xforce.ibmcloud.com/vulnerabilities/144434
http://security.netapp.com/advisory/ntap-20190903-0002/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU35621
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1634
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. IBM X-Force ID: 144437.
MitigationInstall update from vendor's website.
Vulnerable software versionsInformix Dynamic Server: 12.10
External linkshttp://www.ibm.com/support/docview.wss?uid=ibm10964987
http://exchange.xforce.ibmcloud.com/vulnerabilities/144437
http://security.netapp.com/advisory/ntap-20190903-0002/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU35622
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1635
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144439.
MitigationInstall update from vendor's website.
Vulnerable software versionsInformix Dynamic Server: 12.10
External linkshttp://www.ibm.com/support/docview.wss?uid=ibm10964987
http://exchange.xforce.ibmcloud.com/vulnerabilities/144439
http://security.netapp.com/advisory/ntap-20190903-0002/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU35623
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1636
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144441.
MitigationInstall update from vendor's website.
Vulnerable software versionsInformix Dynamic Server: 12.10
External linkshttp://www.ibm.com/support/docview.wss?uid=ibm10964987
http://exchange.xforce.ibmcloud.com/vulnerabilities/144441
http://security.netapp.com/advisory/ntap-20190903-0002/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU35624
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1796
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to execute arbitrary code.
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. IBM X-Force ID: 149426.
MitigationInstall update from vendor's website.
Vulnerable software versionsInformix Dynamic Server: 12.10
External linkshttp://www.ibm.com/support/docview.wss?uid=ibm10964987
http://exchange.xforce.ibmcloud.com/vulnerabilities/149426
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU35625
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-4253
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to execute arbitrary code.
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious shared library and gain root access privileges. IBM X-Force ID: 159941.
MitigationInstall update from vendor's website.
Vulnerable software versionsInformix Dynamic Server: 12.10
External linkshttp://www.ibm.com/support/docview.wss?uid=ibm10964987
http://exchange.xforce.ibmcloud.com/vulnerabilities/159941
http://security.netapp.com/advisory/ntap-20190903-0002/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
