CVE-2006-3857: CVE-2006-3857

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3857

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, (c) _sq_remperms, (d) _sq_distfetch, and (e) _sq_dcatalog; and the (2) SET DEBUG FILE, (3) IFX_FILE_TO_FILE, (4) FILETOCLOB, (5) LOTOFILE, and (6) DBINFO functions (product defect IDs 171649, 171367, 171387, 171391, 171906, 172179).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Informix Dynamic Server 多个SQL语句存在溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Informix Dynamic Server(IDS)是一款由IBM开发的数据库。在SQL级别以下SQL语句存在溢出漏洞： SET DEBUG FILE IFX_FILE_TO_FILE FILETOCLOB LOTOFILE DBINFO 在协议级别以下C函数存在溢出： _sq_remview _sq_remproc _sq_remperms _sq_distfetch _sq_dcatalog 上述语句或函数都调用了getname()函数。该函数将源字符串拷贝到目标缓冲区，类似于strcpy()。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-3857

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-3857

Please Login to view more intelligence information

http://www-1.ibm.com/support/docview.wss?uid=swg21242921x_refsource_CONFIRM
http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdfx_refsource_MISC
http://www.osvdb.org/27693vdb-entryx_refsource_OSVDB
http://www.osvdb.org/27688vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/21301third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/27683vdb-entryx_refsource_OSVDB
http://www.osvdb.org/27681vdb-entryx_refsource_OSVDB
http://www.osvdb.org/27682vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/19264vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2006/3077vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/28118vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/28127vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/28119vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/28126vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/28157vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/28120vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/443133/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/443210/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-3857

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-3857

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2006-3857

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-3857

III. Intelligence Information for CVE-2006-3857

IV. Related Vulnerabilities

V. Comments for CVE-2006-3857

Leave a comment