CVE-2011-1208

Severity

78%

Complexity

99%

Confidentiality

115%

Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command.

Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

CVSS 2.0 Base Score 7.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C).

Overview

Type

IBM solidDB

First reported 13 years ago

2011-05-05 02:39:00

Last updated 7 years ago

2017-08-17 01:34:00

Affected Software

IBM solidDB 4.5.167

4.5.167

IBM solidDB 4.5.168

4.5.168

IBM solidDB 4.5.169

4.5.169

IBM solidDB 4.5.173

4.5.173

IBM solidDB 4.5.175

4.5.175

IBM solidDB 4.5.176

4.5.176

IBM solidDB 4.5.178

4.5.178

IBM solidDB 6.0.1060

6.0.1060

IBM solidDB 6.0.1061

6.0.1061

IBM solidDB 6.0.1064

6.0.1064

IBM solidDB 6.0.1065

6.0.1065

IBM solidDB 6.0.1066

6.0.1066

IBM solidDB 6.1.20

6.1.20

IBM solidDB 6.3.33 (6.3 Fix Pack 2)

6.3.33

IBM solidDB 6.3.37 (6.3 Fix Pack 3)

6.3.37

IBM solidDB 6.3.38

6.3.38

IBM solidDB 6.3.39

6.3.39

IBM solidDB 6.3.40

6.3.40

IBM solidDB 6.3.44

6.3.44

IBM solidDB 6.3.47

6.3.47

IBM solidDB 6.3.48

6.3.48

IBM solidDB 6.5.0.0

6.5.0.0

IBM solidDB 6.5.0.1 (Fix Pack 1)

6.5.0.1

IBM solidDB 6.5.0.2 (Fix Pack 2)

6.5.0.2

IBM solidDB 6.5.0.3 (Fix Pack 3)

6.5.0.3

References

44380

Vendor Advisory

1025451

http://www.ibm.com/support/docview.wss?uid=swg21496106

47584

ADV-2011-1117

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-11-142/

soliddb-null-pointer-dos(67019)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.