Advisory Number: SRT2004-01-18-0747 Product: IBM Informix IDS Version: 9.40.xC12 (tested 9.40.UC1) Vendor: http://www-3.ibm.com/software/data/informix/ Class: Local Criticality: High Operating System(s): nix Notice 1-2 day Early Warning List: Subscription available at http://advisories.secnetworkops.com 30-60 day Early Warning List: Subscription available for early vulnerability notification Alert Advisory Status: SNO has Proof of Concept Basic Explanation High Level Description: IDS 9.4 contains multiple vulnerabilities What to Do: Update to patch level IDS 9.40.UC3, 9.30.UC7 and 7.31.UD7 fix pack releases Basic Technical Details Proof Of Concept Status: SNO has Proof of Concept Vulnerabilities 1. Buffer Overflow in GL_PATH: A simple buffer overflow vulnerability in the GL_PATH environment variable. 2. Format String Vulnerability**: The INFORMIXDIR environment variable can be exploited to inject format string messages into the program, leading to arbitrary code execution. Vendor Status IBM addressed the issue promptly and efficiently.