Security leaks in IBM's Informix Storage Manager
IBM has on Monday reported the discovery of security vulnerabilities in its Informix Storage Manager (ISM) backup server, which is shipped with various products including Informix Dynamic Server (IDS). Attackers can use manipulated RPC requests to cause buffer overflows in the software, allowing them to inject and execute malicious code.
The flaw, which the firm has not described in detail, is in the libraries used by the Windows versions of ISM to process data in the External Data Representation (XDR) format. XDR support is provided under UNIX dialects by the operating system itself, and reportedly does not contain the vulnerabilities. The flaw is therefore only present in Windows versions of ISM.
ISM receives the data via RPC requests. IBM recommends restricting access to RPC services via a firewall.
| Port | RPC service |
|---|---|
| 7937 | nsrexecd |
| 7938 | nsrexecd |
| 7939 | nsrd |
| 7940 | nsrmmdbd |
| 7941 | nsrmmd |
| 111 | Windows port mapper |
| 36890 | Windows port mapper |
IBM reports that 32-bit Windows versions of Informix Dynamic Server 10.00.TC8 and 10.00.FC8 and both the 32 and 64-bit Windows versions of 11.10.TC2 and 11.10.FC2 contain the flawed versions of ISM. Older versions are apparently also affected. In the security advisory, the vendor provides links to further support information for registered customers. Administrators are advised to request current updates from IBM. For now, however, the firm is only shipping "special builds", as corrected versions are not expected to be ready until the end of February or sometime in March.
See also:
- Various stack and heap overflow problems in Informix Storage Manager (ISM), IBM security advisory
(mba)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
