Vulnerability Details : CVE-2010-4056
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-4056
Probability of exploitation activity in the next 30 days: 2.87%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-4056
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2010-4056
-
http://aluigi.altervista.org/adv/soliddb_1-adv.txt
Exploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/62590
IBM solidDB database server denial of service CVE-2010-4057 Vulnerability Report
-
http://www.vupen.com/english/advisories/2010/2715
Webmail | OVH- OVHVendor Advisory
-
http://securitytracker.com/id?1024597
IBM solidDB Packet Processing Error Lets Remote Users Deny Service - SecurityTracker
-
http://www.exploit-db.com/exploits/15261
IBM solidDB 6.5.0.3 - Denial of Service - Multiple dos ExploitExploit
Products affected by CVE-2010-4056
- cpe:2.3:a:ibm:soliddb:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.0.1064:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.0.1061:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.0.1060:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:4.5.178:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:4.5.175:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:4.5.173:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:4.5.169:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:4.5.168:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.3.33:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.3.37:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.30.0039:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.0.1065:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:4.5.176:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.30.0040:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:4.5.167:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.0.1066:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.30.0044:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:6.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:soliddb:06.30.0047:*:*:*:*:*:*:*