siberas GmbH is a consulting company specializing in security analyses and penetration tests that advises you on IT security competently and independently of any vendor.
IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities
Reference ID: SSA-1003

The advisory comprises multiple heap and stack overflows resulting from improper size checks in the module librpc.dll (see SSA-1004). Patches have been made available by IBM and should be applied as soon as possible. As in SSA-1004, the vulnerabilities can lead to pre-authentication remote code execution with SYSTEM privileges!
References:
ZDI-10-022
CVE-2009-2753