NVD

Id
49986  
Name
CVE-2009-2754  
Description
Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2010-03-05  
Modified Date
2010-05-13  
Seq
2009-2754  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
252953 49986 CVE-2009-2754 http://knowledgebase.emc.com/emcice/login.do?sType=ax1990&sName=1204&id=emc183834  View
252954 49986 CVE-2009-2754 IC55329  View
252955 49986 CVE-2009-2754 IC55330  View
252956 49986 CVE-2009-2754 20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability  View
252957 49986 CVE-2009-2754 38472  View
252958 49986 CVE-2009-2754 ADV-2010-0508  View
252959 49986 CVE-2009-2754 ADV-2010-0509  View
252960 49986 CVE-2009-2754 http://www.zerodayinitiative.com/advisories/ZDI-10-023  View
252961 49986 CVE-2009-2754 ibm-ids-portmap-bo(56586)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37838 JVNDB-2010-003623 ISM Portmapper サービスの librpc.dll の認証機能における整数符号化エラーの脆弱性 IBM Informix Dynamic Server (IDS) および EMC Legato NetWorker で使用される Informix Storage Manager (ISM) Portmapper サービスの librpc.dll の認証機能には、整数符号化エラーの脆弱性が存在します。 CVE-2009-2754 40185 CVE-2009-2754 49986 10 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003623.html 2010-03-05 2012-06-26 View