CVE-2010-4056

EPSS 8.4%

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.

Affected products

n/a · n/a

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/15261unverified exploitdbwww.exploit-db.com/exploits/15261unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://aluigi.altervista.org/adv/soliddb_1-adv.txt http://secunia.com/advisories/41873 http://securitytracker.com/id?1024597 https://exchange.xforce.ibmcloud.com/vulnerabilities/62590 http://www.exploit-db.com/exploits/15261 http://www.vupen.com/english/advisories/2010/2715