Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:IBM-INFORMIX-OPENADMIN-CE

Severity

 Critical

Recommended

 Yes

Recommended Action

 Drop

Category

 HTTP

Keywords

 IBM Informix OpenAdmin Tool welcomeService.php Command Execution

Release Date

 2018/02/14

Update Number

 3037

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: IBM Informix OpenAdmin Tool welcomeService.php Command Execution


This signature detects attempts to exploit a known vulnerability in the welcomeService.php script of IBM Informix OpenAdmin Tool, packaged as part of Dynamic Server. Successful exploitation could result in code execution under the security context of SYSTEM.

Extended Description

IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.

Affected Products

  • Ibm informix_open_admin_tool 11.5
  • Ibm informix_open_admin_tool 11.7
  • Ibm informix_open_admin_tool 12.1

References

  • CVE: CVE-2017-1092
  • URL: https://www-01.ibm.com/support/docview.wss?uid=swg22002897
  • URL: https://blogs.securiteam.com/index.php/archives/3210
  • URL: http://seclists.org/fulldisclosure/2017/May/105

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out