Intrusion Prevention

IBM.Informix.Dynamic.Server.SET.ENVIRONMENT.Buffer.Overflow

Description

This indicates an attack attempt against a stack buffer overflow vulnerability in IBM Informix Dynamic Server.
The vulnerability is caused by a boundary error in the oninit process when handling a SET ENVIRONMENT SQL statement. A remote attacker can exploit it by sending a specially crafted SQL query to the vulnerable server.

Affected Products

IBM Informix IDS 11.50.xC1
IBM Informix IDS 11.50
IBM Informix IDS 11.10.xC2W2
IBM Informix IDS 11.10.xC2
IBM Informix IDS 11.10.TC3
IBM Informix IDS 11.10

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the IBM Informix website:
http://www-01.ibm.com/software/data/informix/

CVE References

CVE-2011-1033

Other References

SA43212