Lucene search

MitreCVE-2006-3856

HistoryAug 08, 2006 - 10:04 p.m.

CVE-2006-3856

2006-08-0822:04:00

mitre

web.nvd.nist.gov

ibm

informix dynamic server

ids

denial of service

crash

vulnerability

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.1

Confidence

High

EPSS

Percentile

9.8%

JSON

IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors.

Affected configurations

Nvd

Node

ibminformix_dynamic_serverMatch9.4

ibminformix_dynamic_serverMatch9.40.tc5

ibminformix_dynamic_serverMatch9.40.uc1

ibminformix_dynamic_serverMatch9.40.uc2

ibminformix_dynamic_serverMatch9.40.uc3

ibminformix_dynamic_serverMatch9.40.uc5

ibminformix_dynamic_serverMatch9.40.xc5

ibminformix_dynamic_serverMatch10.0

ibminformix_dynamic_serverMatch10.0.xc1

VendorProductVersionCPE
ibminformix_dynamic_server9.4cpe:2.3:a:ibm:informix_dynamic_server:9.4:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.tc5cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc1cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc2cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc3cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc5cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.xc5cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:*:*:*:*:*:*:*
ibminformix_dynamic_server10.0cpe:2.3:a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*
ibminformix_dynamic_server10.0.xc1cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	informix_dynamic_server	9.4	cpe:2.3:a:ibm:informix_dynamic_server:9.4:::::::*
ibm	informix_dynamic_server	9.40.tc5	cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:::::::*
ibm	informix_dynamic_server	9.40.uc1	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:::::::*
ibm	informix_dynamic_server	9.40.uc2	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:::::::*
ibm	informix_dynamic_server	9.40.uc3	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:::::::*
ibm	informix_dynamic_server	9.40.uc5	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:::::::*
ibm	informix_dynamic_server	9.40.xc5	cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:::::::*
ibm	informix_dynamic_server	10.0	cpe:2.3:a:ibm:informix_dynamic_server:10.0:::::::*
ibm	informix_dynamic_server	10.0.xc1	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc1:::::::*

References

secunia.com/advisories/21301

www-1.ibm.com/support/docview.wss?uid=swg21242921

www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf

www.osvdb.org/27690

www.securityfocus.com/archive/1/443133/100/0/threaded

www.securityfocus.com/archive/1/443210/100/0/threaded

www.securityfocus.com/bid/19264

www.vupen.com/english/advisories/2006/3077

exchange.xforce.ibmcloud.com/vulnerabilities/28131

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.1

Confidence

High

EPSS

Percentile

9.8%

JSON

Related for CVE-2006-3856