|The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.|
IBM Informix Dynamic Server: privilege elevation via COLLATION
Synthesis of the vulnerability
A local attacker can use the SET COLLATION command of IBM Informix Dynamic Server, in order to generate a buffer overflow, and to execute code with privileges of the service.
Vulnerable products: Informix Server.
Severity of this weakness: 2/4.
Consequences of an attack: privileged access/rights.
Hacker's origin: user account.
Creation date: 25/09/2012.
Références of this bulletin: BID-55668, CERTA-2012-AVI-525, CVE-2012-3334, DCA-2011-0013, swg21611800, VIGILANCE-VUL-11976.
Description of the vulnerability
The "SET COLLATION" SQL command is used to define the sorting order of characters (most of the times, it depends on the locale). For example :
SET COLLATION en_us.8859-1
However, if the parameter is too long, an overflow occurs.
A local attacker can therefore use the SET COLLATION command of IBM Informix Dynamic Server, in order to generate a buffer overflow, and to execute code with privileges of the service.
Full Vigil@nce bulletin... (Free trial)
Computer vulnerabilities tracking service
Vigil@nce provides network vulnerability analysis. The Vigil@nce vulnerability database contains several thousand vulnerabilities. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.