WER IST SIBERAS?

Die siberas GmbH ein auf Sicherheitsanalysen und Penetrationstests spezialisiertes Beratungsunternehmen, welches Sie herstellerunabhängig und kompetent im Bereich IT-Sicherheit berät.

KONTAKT

IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities

Reference ID: SSA-1003
Publication date: 01.03.2010
Severity: critical
Discovered by: Sebastian Apelt

The advisory comprises multiple heap and stack overflows resulting from improper size checks in the module librpc.dll (see SSA-1004). Patches have been made available by IBM and should be applied as soon as possible. Like in SSA-1004, the vulnerabilities can lead to pre-authentication remote code execution with SYSTEM privileges!

References:
ZDI-10-022
CVE-2009-2753