IBM SolidDB Stored Procedure Call Handling Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running IBM solidDB and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attacker to cause a denial of service. Impact Level: Application

Solution

Upgrade IBM solidDB to 6.0.1070, 6.3.0.56, 6.5.0.12, 7.0.0.4 or later, http://www-03.ibm.com/software/products/us/en/ibmsoli

Insight

The flaw is due to an error when calling stored procedures without input parameters when the parameters have default values. This can be exploited to trigger an exception and cause the server to shutdown.

Affected

IBM solidDB 6.0.x before 6.0.1070, 6.3.x before 6.3.0.56, 6.5.x before 6.5.0.12, and 7.0.x before 7.0.0.4

Detection

Get the installed version of IBM solidDB with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/53299
http://www-01.ibm.com/support/docview.wss?uid=swg1IC88797
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94044
http://www.osvdb.org/92955
http://xforce.iss.net/xforce/xfdb/84593

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-3031
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:N/I:N/A:P

Related Vulnerabilities

IBM solidDB Stored Procedure Call Handling Denial of Service Vulnerability
MySQL Single Row Subselect Remote DoS
Oracle MySQL Multiple Unspecified vulnerabilities - 06 Jan14 (Windows)
PostgreSQL Low Cost Function Information Disclosure Vulnerability
Database Open Access Vulnerability

Take action and discover your vulnerabilities