CVE-2011-1208 Information

Description

IBM solidDB 4.5.x before 4.5.182 6.0.x before 6.0.1069 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49) and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command.

Reference

http://secunia.com/advisories/44380 http://securitytracker.com/id?1025451 http://www.ibm.com/support/docview.wss?uid=swg21496106 http://www.securityfocus.com/bid/47584 http://www.vupen.com/english/advisories/2011/1117 http://www.zerodayinitiative.com/advisories/ZDI-11-142/ https://exchange.xforce.ibmcloud.com/vulnerabilities/67019