CVE-2009-2753 Information

Description

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe) as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 allow remote attackers to execute arbitrary code via a crafted parameter size.

Reference

http://secunia.com/advisories/38731 http://securitytracker.com/id?1023669 http://www.ibm.com/support/docview.wss?uid=swg1IC55329 http://www.ibm.com/support/docview.wss?uid=swg1IC55330 http://www.securityfocus.com/archive/1/509789/100/0/threaded http://www.securityfocus.com/bid/38471 http://www.vupen.com/english/advisories/2010/0508 http://www.zerodayinitiative.com/advisories/ZDI-10-022