CVE-2010-4057

EPSS 7.2%

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.

Affected products

n/a · n/a

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/15261unverified exploitdbwww.exploit-db.com/exploits/15261unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://aluigi.altervista.org/adv/soliddb_1-adv.txt http://secunia.com/advisories/41873 http://securitytracker.com/id?1024597 https://exchange.xforce.ibmcloud.com/vulnerabilities/62590 http://www.exploit-db.com/exploits/15261 http://www.vupen.com/english/advisories/2010/2715