Preemptive Protection against Multiple Vendors librpc.dll Stack Buffer Overflow
| Check Point Reference: | CPAI-2010-121 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA38731 | |
| Industry Reference(s): | CVE-2009-2754 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? EMC Legato NetWorker 7.x.x IBM Informix Dynamic Server prior to 10.00.TC9 | ||
| Vulnerability Description A buffer overflow vulnerability exists in IBM's Informix Dynamic Server and EMC's Legato Networker. Informix is a family of relational database management system (RDBMS) products by IBM. The vulnerability is due to insufficient validation of user input during authentication by the RPC protocol parsing library. An attacker can exploit this vulnerability to cause stack based buffer overflow which can lead to arbitrary code execution on the affected system. |
||
|
Update/Patch Available At the time of writing, the vendor has not released an advisory addressing this vulnerability. |
|
|
Vulnerability Details A stack buffer overflow vulnerability exists in RPC library of IBM Informix port mapper module, librpc.dll. The vulnerability is due to improper bounds checking of the remote procedure call authentication. |
Protection Overview The protection will detect and block attempts to access RPC programs via the portmapper.
To configure the defense, select your product from the list below and follow the related protection steps.