IBM SolidDB RPC Test Commands Denial Of Service Vulnerabilities Network Vulnerability

Summary

This host is running IBM solidDB and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation will let remote unauthenticated attackers to crash an affected process or consume CPU resources, creating a denial of service condition. Impact Level: Application

Solution

Apply the patches from below link, https://www-304.ibm.com/support/docview.wss?uid=swg21496106

Insight

The flaws are caused by a NULL pointer error in the solidDB component when processing the 'rpc_test_svc_readwrite' and 'rpc_test_svc_done commands' commands sent to port 2315/TCP.

Affected

IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x, 6.3.x before 6.3 FP8, and 6.5.x before 6.5 FP4

References

http://securitytracker.com/id?1025451
http://www.vupen.com/english/advisories/2011/1117
http://www.zerodayinitiative.com/advisories/ZDI-11-142/
http://xforce.iss.net/xforce/xfdb/67019

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1208

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Epson EventManager 'x-protocol-version' Denial of Service Vulnerability
ClamAV 'find_stream_bounds()' PDF File Processing Denial Of Service Vulnerability
Apple QuickTime Multiple Denial Of Service Vulnerabilities (Win)
ClamAV Multiple Vulnerabilities (Win)
Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)

IBM solidDB RPC Test Commands Denial of Service Vulnerabilities

Take action and discover your vulnerabilities