Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Informix SE sqlexec本地缓冲区溢出漏洞
Vulnerability Description
Informix是一款由IBM公司开发和维护的企业级数据库系统。 Linux系统下的Informix-SE中的sqlexec对环境变量处理存在漏洞,可导致本地攻击者进行缓冲区溢出攻击,并提升权限。 Informix-SE中的sqlexec对拷贝到本地缓冲区中的INFORMIXDIR环境变量的边界长度缺少正确充分的检查,可导致本地攻击者提供超长的字符串数据作为INFORMIXDIR环境变量,当sqlexec处理时导致缓冲区溢出,由于sqlexec以setuid root属性方式安装,精心构建字符串数据可导致
CVSS Information
N/A
Vulnerability Type
N/A