Remote File Overwrite Flaw in IBM Informix Dynamic Server
CVE-2006-3859

Currently unrated

Key Information:

Vendor: IBM
Status: Informix Dynamic Database Server
Vendor: CVE Published:; 17 August 2006

Summary

IBM Informix Dynamic Server (IDS) is susceptible to a vulnerability that permits remote authenticated users to create and overwrite arbitrary files. This can be executed through the LOTOFILE and trl_tracefile_set functions, as well as via commands like 'SET DEBUG FILE'. The exploitation of this vulnerability can lead to unauthorized file manipulation, potentially causing significant disruption to services and data integrity.

References

http://securityreason.com/securityalert/1408

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/443133/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/28383

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 17, 2006
Vulnerability Reserved
Jul 26, 2006