CVE

Id
40189  
CVE No.
CVE-2009-2754  
Status
Candidate  
Description
Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.  
Phase
Assigned (20090812)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
441834 40189 CVE-2009-2754 BUGTRAQ:20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability  View
441835 40189 CVE-2009-2754 URL:http://www.securityfocus.com/archive/1/archive/1/509793/100/0/threaded  View
441836 40189 CVE-2009-2754 MISC:http://www.zerodayinitiative.com/advisories/ZDI-10-023  View
441837 40189 CVE-2009-2754 CONFIRM:http://knowledgebase.emc.com/emcice/login.do?sType=ax1990&sName=1204&id=emc183834  View
441838 40189 CVE-2009-2754 AIXAPAR:IC55329  View
441839 40189 CVE-2009-2754 URL:http://www.ibm.com/support/docview.wss?uid=swg1IC55329  View
441840 40189 CVE-2009-2754 AIXAPAR:IC55330  View
441841 40189 CVE-2009-2754 URL:http://www.ibm.com/support/docview.wss?uid=swg1IC55330  View
441842 40189 CVE-2009-2754 BID:38472  View
441843 40189 CVE-2009-2754 URL:http://www.securityfocus.com/bid/38472  View
441844 40189 CVE-2009-2754 SECUNIA:38731  View
441845 40189 CVE-2009-2754 URL:http://secunia.com/advisories/38731  View
441846 40189 CVE-2009-2754 VUPEN:ADV-2010-0508  View
441847 40189 CVE-2009-2754 URL:http://www.vupen.com/english/advisories/2010/0508  View
441848 40189 CVE-2009-2754 VUPEN:ADV-2010-0509  View
441849 40189 CVE-2009-2754 URL:http://www.vupen.com/english/advisories/2010/0509  View
441850 40189 CVE-2009-2754 XF:ibm-ids-portmap-bo(56586)  View

Related JVN