CVE-2010-4056

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
ibmsoliddb
𝑥
≤ 6.5.0.3
ibmsoliddb
4.5.167
ibmsoliddb
4.5.168
ibmsoliddb
4.5.169
ibmsoliddb
4.5.173
ibmsoliddb
4.5.175
ibmsoliddb
4.5.176
ibmsoliddb
4.5.178
ibmsoliddb
6.0.1060
ibmsoliddb
6.0.1061
ibmsoliddb
6.0.1064
ibmsoliddb
6.0.1065
ibmsoliddb
6.0.1066
ibmsoliddb
6.1
ibmsoliddb
6.1.20
ibmsoliddb
6.3.33
ibmsoliddb
6.3.37
ibmsoliddb
6.5.0.0
ibmsoliddb
6.5.0.1
ibmsoliddb
6.5.0.2
ibmsoliddb
6.30.0039
ibmsoliddb
6.30.0040
ibmsoliddb
6.30.0044
ibmsoliddb
06.30.0047
𝑥
= Vulnerable software versions
References
http://aluigi.altervista.org/adv/soliddb_1-adv.txt
http://secunia.com/advisories/41873
http://securitytracker.com/id?1024597
http://www.exploit-db.com/exploits/15261
http://www.vupen.com/english/advisories/2010/2715
https://exchange.xforce.ibmcloud.com/vulnerabilities/62590
http://aluigi.altervista.org/adv/soliddb_1-adv.txt
http://secunia.com/advisories/41873
http://securitytracker.com/id?1024597
http://www.exploit-db.com/exploits/15261
http://www.vupen.com/english/advisories/2010/2715
https://exchange.xforce.ibmcloud.com/vulnerabilities/62590