Summary
The host is running IGSS ODBC Server and is prone to a denial of service vulnerability.
Impact
Successful exploitation will allow remote attackers to cause a denial of service.
Impact Level: Application
Solution
Upgrade to IGSS 8 ODBC Server (Odbcixv8se.exe) version 11003 or later.
For updates refer to http://www.igss.com/
Insight
The flaw is caused by an uninitialized pointer free condition when processing specially crafted packets sent to port 20222/TCP, which could be exploited by remote unauthenticated attackers to crash an affected daemon.
Note: IGSS uses a 3rd party ODBC driver kit from Dr. DeeBee.
Affected
IGSS 8 ODBC Server (Odbcixv8se.exe) version 10299. Other versions may also be affected.
References
Severity
Classification
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Windows)
- Epson EventManager 'x-protocol-version' Denial of Service Vulnerability
- Apache httpd Web Server Range Header Denial of Service Vulnerability
- ActFax Server Multiple Remote Buffer Overflow Vulnerabilities
- Apple Safari Multiple Vulnerabilities June-09 (Win) - I