← volver
CVE-2006-3860

CVE-2006-3860

EPSS 2.8%
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://secunia.com/advisories/21301http://securityreason.com/securityalert/1407https://exchange.xforce.ibmcloud.com/vulnerabilities/28121https://exchange.xforce.ibmcloud.com/vulnerabilities/28124http://www-1.ibm.com/support/docview.wss?uid=swg21242921http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdfhttp://www.osvdb.org/27686http://www.securityfocus.com/archive/1/443133/100/0/threadedhttp://www.securityfocus.com/archive/1/443185/100/0/threadedhttp://www.securityfocus.com/bid/19264http://www.vupen.com/english/advisories/2006/3077