In association with heise online

31 January 2008, 09:44

Security leaks in IBM's Informix Storage Manager

On Monday, IBM reported the discovery of security vulnerabilities in its Informix Storage Manager (ISM) backup server, which is shipped with various products including Informix Dynamic Server (IDS). Attackers can use manipulated RPC requests to cause buffer overflows in the software, allowing them to inject and execute malicious code.

The flaw, which the firm has not described in detail, is in the libraries used by the Windows versions of ISM to process data in the External Data Representation (XDR) format. XDR support is provided under UNIX dialects by the operating system itself, and reportedly does not contain the vulnerabilities. The flaw is therefore only present in Windows versions of ISM.

ISM receives the data via RPC requests. IBM recommends restricting access to RPC services via a firewall.

Port     RPC service
7937     nsrexecd
7938     nsrexecd
7939     nsrd
7940     nsrmmdbd
7941     nsrmmd
111      Windows port mapper
36890    Windows port mapper
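
One way to verify the recommended firewall restriction from a network segment that should have no access to the backup server is sketched below. This is an added example, not code from IBM or from the original article; the function names are hypothetical, and it assumes the listed services are reached over TCP, which the advisory summary above does not state.

```python
import socket

# Ports and RPC services as listed in the table above.
ISM_RPC_PORTS = {
    7937: "nsrexecd",
    7938: "nsrexecd",
    7939: "nsrd",
    7940: "nsrmmdbd",
    7941: "nsrmmd",
    111: "Windows port mapper",
    36890: "Windows port mapper",
}


def tcp_reachable(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port completes (assumption: TCP)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable or filtered
        return False


def audit_ism_exposure(host, ports=ISM_RPC_PORTS, timeout=2.0, probe=tcp_reachable):
    """Return {port: service} for every listed port that still accepts connections."""
    return {p: svc for p, svc in sorted(ports.items()) if probe(host, p, timeout)}


def report(host, exposed):
    """Format the audit result for an administrator."""
    if not exposed:
        return f"{host}: none of the ISM RPC ports are reachable from this vantage point"
    lines = [f"{host}: firewall restriction incomplete, reachable ports:"]
    lines += [f"  {port:>5}/tcp  {svc}" for port, svc in exposed.items()]
    return "\n".join(lines)


if __name__ == "__main__":
    import sys
    # Run against your own ISM server from a host that the firewall should block.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print(report(target, audit_ism_exposure(target)))
```

An empty result only shows that the ports are filtered from the vantage point where the script runs, so repeat it from each untrusted segment.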

IBM reports that 32-bit Windows versions of Informix Dynamic Server 10.00.TC8 and 10.00.FC8 and both the 32-bit and 64-bit Windows versions of 11.10.TC2 and 11.10.FC2 contain the flawed versions of ISM. Older versions are apparently also affected. In the security advisory, the vendor provides links to further support information for registered customers. Administrators are advised to request current updates from IBM. For now, however, the firm is only shipping "special builds", as corrected versions are not expected to be ready until the end of February or sometime in March.
