Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, (c) _sq_remperms, (d) _sq_distfetch, and (e) _sq_dcatalog; and the (2) SET DEBUG FILE, (3) IFX_FILE_TO_FILE, (4) FILETOCLOB, (5) LOTOFILE, and (6) DBINFO functions (product defect IDs 171649, 171367, 171387, 171391, 171906, 172179).
secunia.com/advisories/21301
www-1.ibm.com/support/docview.wss?uid=swg21242921
www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
www.osvdb.org/27681
www.osvdb.org/27682
www.osvdb.org/27683
www.osvdb.org/27687
www.osvdb.org/27688
www.osvdb.org/27693
www.securityfocus.com/archive/1/443133/100/0/threaded
www.securityfocus.com/archive/1/443210/100/0/threaded
www.securityfocus.com/bid/19264
www.vupen.com/english/advisories/2006/3077
exchange.xforce.ibmcloud.com/vulnerabilities/28118
exchange.xforce.ibmcloud.com/vulnerabilities/28119
exchange.xforce.ibmcloud.com/vulnerabilities/28120
exchange.xforce.ibmcloud.com/vulnerabilities/28126
exchange.xforce.ibmcloud.com/vulnerabilities/28127
exchange.xforce.ibmcloud.com/vulnerabilities/28157