Detections
Analytics
IBM Solid Database < 6.30.0.37 Remote Denial of Service
medium Nessus Network Monitor Plugin ID 5245
Synopsis
The remote database server is vulnerable to a denial-of-service attack.Description
The remote host is running IBM SolidDB. The installed version of SolidDB is earlier than 6.30.0.37. Such versions are potentially affected by a denial-of-service in 'solid.exe' when handling a specially crafted network packet containing an invalid error code.Solution
Upgrade to IBM SolidDB 6.30.0.37 or later.See Also
http://www.coresecurity.com/content/ibm-soliddb-errorcode-dos
http://archives.neohapsis.com/archives/fulldisclosure/current/0207.html
http://www-01.ibm.com/support/docview.wss?rs=0&q1=solidb&uid=swg24024510
Plugin Details
Severity: Medium
ID: 5245
Family: Database
Published: 11/25/2009
Updated: 3/6/2019
Nessus ID: 42877
Risk Information
VPR
Risk Factor: Medium
Score: 4.2
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 4.1
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS v3
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:ibm:soliddb
Patch Publication Date: 11/17/2009
Vulnerability Publication Date: 11/18/2009
Reference Information
CVE: CVE-2009-3840
BID: 37053