Informix Dynamic Server Multiple Remote Vulnerabilities

This script is Copyright (C) 2006-2011 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by several
vulnerabilities.

Description :

The version of Informix Dynamic Server installed on the remote host
contains multiple vulnerabilities that may allow attackers to execute
arbitrary code, gain elevated privileges, uncover sensitive
information, deny service to legitimate users, etc. Some of these
issues can be exploited remotely without authentication.

See also :

http://www-1.ibm.com/support/docview.wss?uid=swg21242921

Solution :

Upgrade to Informix 10.00.xC4 / 9.40.xD8 / 7.31.xD9 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 22229 (informix_ids_mult_vulns.nasl)

Bugtraq ID: 19264

CVE ID: CVE-2006-3853
CVE-2006-3855
CVE-2006-3856
CVE-2006-3857
CVE-2006-3858
CVE-2006-3860
CVE-2006-3861
CVE-2006-3862

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial