Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Informix SQL SNMPDM Predictable Temporary File Creation Vulnerability

Informix SQL SNMPDM Predictable Temporary File Creation Vulnerability

by Phiber on September 6th, 2001 A problem with the Informix SQL add-on package makes it possible for a local user to overwrite critical system files. Due to the creation of predictable file "snmpd.log" in the /tmp directory, it's possible for a local user to take advantage of the flaw in setuid root program snmpdm.


This could result in a denial of service, or the elevation of privileges.

Credits go to [email protected]


FYI:

Informix is an enterprise level database maintained and distributed by IBM.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »