IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Soliddb | Ibm | * | 06.00.1018 (including) |
References
- http://aluigi.altervista.org/adv/soliduro-adv.txt
- http://aluigi.org/poc/soliduro.zip
- http://secunia.com/advisories/29512
- http://securitytracker.com/id?1019721
- http://www.securityfocus.com/archive/1/490129/100/0/threaded
- http://www.securityfocus.com/bid/28468
- http://www.vupen.com/english/advisories/2008/1038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41488
- http://aluigi.altervista.org/adv/soliduro-adv.txt
- http://aluigi.org/poc/soliduro.zip
- http://secunia.com/advisories/29512
- http://securitytracker.com/id?1019721
- http://www.securityfocus.com/archive/1/490129/100/0/threaded
- http://www.securityfocus.com/bid/28468
- http://www.vupen.com/english/advisories/2008/1038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41488