Vulnerability Name:

CVE-2009-2753 (CCN-56501)

Assigned:2009-08-12
Published:2010-02-25
Updated:2018-10-10
Summary:Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.8 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.8 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-2753

Source: CCN
Type: SA38731
IBM Informix Dynamic Server RPC Implementation Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
38731

Source: CCN
Type: SECTRACK ID: 1023669
IBM Informix Dynamic Server Buffer Overflows in 'librpc.dll' Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1023669

Source: AIXAPAR
Type: UNKNOWN
IC55329

Source: CCN
Type: IBM Web site
APAR IC55329

Source: AIXAPAR
Type: UNKNOWN
IC55330

Source: CCN
Type: OSVDB ID: 62783
IBM Informix Dynamic Server portmap.exe librpc.dll Authentication Functionality Multiple Overflows

Source: CCN
Type: OSVDB ID: 65507
EMC Networker portmap.exe librpc.dll Authentication Functionality Multiple Overflows

Source: BUGTRAQ
Type: UNKNOWN
20100301 ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities

Source: BID
Type: UNKNOWN
38471

Source: CCN
Type: BID-38471
IBM Informix Dynamic Server 'librpc.dll' Multiple Buffer Overflow Vulnerabilities

Source: CCN
Type: BID-38472
Multiple Vendor 'librpc.dll' Stack Buffer Overflow Vulnerability

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2010-0508

Source: MISC
Type: UNKNOWN
http://www.zerodayinitiative.com/advisories/ZDI-10-022

Source: XF
Type: UNKNOWN
ibm-ids-librpc-bo(56501)

Source: CCN
Type: ZDI-10-022
IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.tc1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc2e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc3e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc4e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc5e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc6e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc7e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc8e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc9e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:10.0.xc10e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.10.xc1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.10.xc1de:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.10.xc2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.10.xc2e:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.10.xc3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.10.xc3e:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:informix_dynamic_server:11.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ibm informix dynamic server 10.0
    ibm informix dynamic server 10.0.tc1
    ibm informix dynamic server 10.0.xc1
    ibm informix dynamic server 10.0.xc2e
    ibm informix dynamic server 10.0.xc3
    ibm informix dynamic server 10.0.xc3e
    ibm informix dynamic server 10.0.xc4
    ibm informix dynamic server 10.0.xc4e
    ibm informix dynamic server 10.0.xc5
    ibm informix dynamic server 10.0.xc5e
    ibm informix dynamic server 10.0.xc6
    ibm informix dynamic server 10.0.xc6e
    ibm informix dynamic server 10.0.xc7
    ibm informix dynamic server 10.0.xc7e
    ibm informix dynamic server 10.0.xc8
    ibm informix dynamic server 10.0.xc8e
    ibm informix dynamic server 10.0.xc9
    ibm informix dynamic server 10.0.xc9e
    ibm informix dynamic server 10.0.xc10
    ibm informix dynamic server 10.0.xc10e
    ibm informix dynamic server 11.1
    ibm informix dynamic server 11.10
    ibm informix dynamic server 11.10.xc1
    ibm informix dynamic server 11.10.xc1de
    ibm informix dynamic server 11.10.xc2
    ibm informix dynamic server 11.10.xc2e
    ibm informix dynamic server 11.10.xc3
    ibm informix dynamic server 11.10.xc3e
    ibm informix dynamic server 10.0
    ibm informix dynamic server 11.1