CVE-2006-3858IBM Informix Dynamic Server vulnerability

3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 79.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Informix Dynamic Server
Timeline
PublishedAug 8
Latest updateMay 1

Description

IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772).

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/informix_dynamic_server11 versions+10

Patches

Patch: secunia.comPatch: www-1.ibm.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-gh59-qrg6-2f79: IBM Informix Dynamic Server (IDS) before 92022-05-01
CVEList
CVE-2006-3858: IBM Informix Dynamic Server (IDS) before 92006-08-08
CVE-2006-3858 — IBM vulnerability | cvebase