A code execution vulnerability has been reported in IBM's Informix Dynamic Server. The vulnerability is due to insufficient validation of user input during authentication by the RPC protocol parsing library, librpc.dll. This library is used by the Portmapper service (portmap.exe) which runs on port TCP/36890.

An attacker can exploit this vulnerability to cause heap and stack based buffer overflows which can lead to arbitrary code execution in the context of the affected service, which is SYSTEM.

The vendor, IBM, has released advisories regarding this vulnerability which are available at:

http://www.ibm.com/support/docview.wss?uid=swg1IC55329

http://www.ibm.com/support/docview.wss?uid=swg1IC55330

• IBM Informix Dynamic Server prior to 10.00.TC9
• IBM Informix Dynamic Server prior to 11.10.TC3

• Access vector is NETWORK
• Access complexity is LOW
• Level of authentication required is NONE
• Impact of this vulnerability on data confidentiality is COMPLETE
• Impact of this vulnerability on data integrity is COMPLETE
• Impact of this vulnerability on data availability is COMPLETE

• The exploitability level of this vulnerability is UNPROVEN
• The remediation level of this vulnerability is OFFICIAL FIX
• The report confidence level of this vulnerability is CONFIRMED