Denial of Service Vulnerability in IBM solidDB Database Software
CVE-2010-4057

Currently unrated

Key Information:

Vendor: IBM
Status: Soliddb
Vendor: CVE Published:; 23 October 2010

Summary

The solid.exe in IBM solidDB versions 6.5.0.3 and earlier is susceptible to a denial of service condition due to improper handling of packet data. Attackers can exploit this vulnerability by sending specially crafted TCP packets that contain multiple integer fields with distinct values, resulting in invalid memory access and causing the daemon to crash. This can lead to service interruption, making the database unavailable for legitimate users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/62590

vdb-entryx_refsource_XF

http://www.exploit-db.com/exploits/15261

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2010/2715

vdb-entryx_refsource_VUPEN

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 23, 2010
Vulnerability Reserved
Oct 22, 2010