Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SOLIDDB_STORED_PROCEDURE_DOS.NASL
HistoryMay 08, 2013 - 12:00 a.m.

IBM solidDB Stored Procedure Call Remote Denial of Service

2013-05-0800:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.006

Percentile

78.9%

JSON

The version of IBM solidDB installed on the remote host is 6.5.x prior to 6.5.0.12, 6.30.x prior to 6.30.0.55, 6.0.x prior to 6.0.0.1070, or 7.0.x prior to 7.0.0.4. It therefore is reportedly affected by a remote denial of service vulnerability that can be triggered by calling a stored procedure with an omitted default value parameter.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(66351);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id("CVE-2013-3031");
  script_bugtraq_id(59637);

  script_name(english:"IBM solidDB Stored Procedure Call Remote Denial of Service");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has a database server installed that is affected by a
remote denial of service vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of IBM solidDB installed on the remote host is 6.5.x prior
to 6.5.0.12, 6.30.x prior to 6.30.0.55, 6.0.x prior to 6.0.0.1070, or
7.0.x prior to 7.0.0.4.  It therefore is reportedly affected by a
remote denial of service vulnerability that can be triggered by
calling a stored procedure with an omitted default value parameter.");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg1IC94043");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg1IC94044");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg1IC88796");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg1IC88797");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21643599");
  # https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_soliddb_ibm_soliddb_universal_cache_stored_procedure_vulnerability_cve_2013_30311?lang=en_us
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?64f69819");
  # https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_soliddb_ibm_soliddb_universal_cache_stored_procedure_vulnerability_cve_2013_3031?lang=en_us
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?24195ffd");
  script_set_attribute(attribute:"solution", value:
"Upgrade solidDB to version 6.0.0.1070 / 6.30.0.55 / 6.5.0.12 / 7.0.0.4 or later.");
  script_set_attribute(attribute:"agent", value:"windows");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-3031");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/12/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:soliddb");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("soliddb_installed.nasl", "soliddb_detect.nasl");
  script_require_keys("SMB/solidDB/installed");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

get_kb_item_or_exit('SMB/solidDB/installed');

installs = get_kb_list_or_exit('SMB/solidDB/*/path');

if (report_paranoia < 2) get_kb_item_or_exit('Services/soliddb');

vuln = 0;
report = '';

foreach item (keys(installs))
{
  version = item - 'SMB/solidDB/';
  version = version - '/path';
  path = installs[item];

  ver = split(version, sep:'.', keep:FALSE);
  for (i=0; i<max_index(ver); i++)
    ver[i] = int(ver[i]);

  if (
    (ver[0] == 6 && ver[1] == 5  && ver[2] == 0 && ver[3] < 12) ||
    (ver[0] == 6 && ver[1] == 30 && ver[2] == 0 && ver[3] < 56) ||
    (ver[0] == 6 && ver[1] == 0  && ver[2] == 0 && ver[3] < 1070) ||
    (ver[0] == 7 && ver[1] == 0  && ver[2] == 0 && ver[3] < 4)
  )
  {
    vuln++;
    if (ver[0] == 6)
    {
      if(ver[1] == 0)
        fix = '6.0.0.1070';
      else if(ver[1] == 30)
        fix = '6.30.0.56';
      else fix = '6.5.0.12';
    }
    else
      fix = '7.0.0.4';

    report +=
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fix + '\n';
  }
}

if (report)
{
  port = get_kb_item("SMB/transport");
  if (!port) port = 445;

  if (report_verbosity > 0)
  {
    if (vuln > 1) s = 's of solidDB were found ';
    else s = ' of solidDB was found ';
    report =
      '\n  The following vulnerable install' + s + 'on the' +
      '\n  remote host :' +
      '\n' +
      report;
    security_note(port:port, extra:report);
  }
  else security_note(port);
  exit(0);
}
exit(0, 'No vulnerable installs of solidDB were detected on the remote host.');

Related

prion 1
nvd 1
openvas 1
cvelist 1
cve 1
prion
prion
Sql injection
2013-09-09 01:55:00
nvd
nvd
CVE-2013-3031
2013-09-09 01:55:06
openvas
openvas
IBM solidDB Stored Procedure Call Handling Denial of Service Vulnerability
2013-09-20 00:00:00
cvelist
cvelist
CVE-2013-3031
2013-09-09 01:00:00
cve
cve
CVE-2013-3031
2013-09-09 01:55:06

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.006

Percentile

78.9%

JSON
Related for SOLIDDB_STORED_PROCEDURE_DOS.NASL
prion1nvd1openvas1cvelist1cve1