Denial of Service Vulnerability in IBM solidDB by Remote Attackers
CVE-2010-4055

Currently unrated

Key Information:

Vendor: IBM
Status: Soliddb
Vendor: CVE Published:; 23 October 2010

Summary

A stack consumption vulnerability has been identified in solid.exe of IBM solidDB versions 6.5.0.3 and earlier. This vulnerability allows remote attackers to exploit the system by connecting to TCP port 1315 and sending specially crafted packets containing numerous integer fields. The exploitation of this vulnerability triggers extensive recursive function calls, leading to significant memory consumption, ultimately resulting in the daemon crashing and rendering the database service unavailable to legitimate users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/62590

vdb-entryx_refsource_XF

http://www.exploit-db.com/exploits/15261

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2010/2715

vdb-entryx_refsource_VUPEN

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 23, 2010
Vulnerability Reserved
Oct 22, 2010