SupportConnect - Ingres Security Alert
  

Ingres Security Alert

June 21, 2007

Dear Valued CA and Ingres Customer:

Information security is of utmost priority to Ingres and CA. A number of vulnerabilities have recently been identified in Ingres 2006 (version 9.0.4), Ingres r3, Ingres 2.6 and Ingres 2.5. We have given these vulnerabilities a security threat level of High, and recommend that the available security patches be applied immediately.

Fixes are available for the current release of Ingres (Ingres 2006), for Ingres r3 on Windows, Linux, Solaris, AIX and HP and for Ingres 2.5 and 2.6 versions on their respective platforms. The security fixes are available and can be quickly applied with little to no anticipated impact to systems.

Important Security Notice for Customers Using Products That Embed Ingres

CA customers with a current CA support contract can download fixes from CA SupportConnect via the MDB home page: http://supportconnect.ca.com/.

We would like to thank Chris Anley (chris@ngssoftware.com), Director and Founder of NGSSoftware, Ltd., for bringing the following vulnerabilities to our attention:

Ingres controllable pointer overwrite vulnerability - bug 115927
Description: An unauthenticated attacker can potentially execute arbitrary code within the context of the database server.

Ingres remote unauthenticated pointer overwrite 2 - bug 115927
Description: An unauthenticated attacker can exploit a pointer overwrite vulnerability to execute arbitrary code within the context of the database server.

Ingres wakeup file overwrite - bug 115913
Description: The "wakeup" binary creates a file named "alarmwkp.def" in the current directory, truncating the file if it already exists. The "wakeup" binary is setuid "ingres" and world-executable. Consequently, an attacker can truncate a file with the privileges of the "ingres" user.
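The "wakeup" issue above is the classic privileged-helper file-creation mistake: a setuid program opens a fixed file name in whatever directory it was started from, with truncation, so an existing file (or a symlink placed at that name) is emptied with the helper's privileges. The following C program is an added illustration of that pattern and of a hardened replacement; it is not Ingres code, and the function names, the `/tmp` scratch path and the hardening choices (dropping the effective uid first, then opening with `O_EXCL | O_NOFOLLOW`) are this example's own assumptions, not a description of the vendor's patch.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* The risky pattern: a setuid helper opening a fixed name in the
 * current directory with truncation. Whatever sits at that name is
 * emptied with the helper's effective privileges. */
int create_truncating(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Hardened replacement (this example's design, not the vendor's fix):
 *  1. give up the elevated effective uid before touching the file, so
 *     the open() is judged against the invoking user's permissions;
 *  2. O_EXCL refuses a pre-existing file, so nothing is ever truncated;
 *  3. O_NOFOLLOW refuses a symlink at the final path component.
 * Returns a descriptor, or -1 with errno set. */
int create_safely(const char *path) {
    if (geteuid() != getuid() && seteuid(getuid()) != 0)
        return -1;                       /* could not drop privileges */
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0644);
}

/* Size of a file in bytes, or -1 if it cannot be stat()ed. */
long file_size(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    return (long)st.st_size;
}

/* Constructed for the demonstration: create a scratch file holding
 * `content`, returning its path in `buf`. Returns 0 on success. */
int make_victim(char *buf, size_t buflen, const char *content) {
    snprintf(buf, buflen, "%s", "/tmp/ingres-demo-XXXXXX");
    int fd = mkstemp(buf);
    if (fd < 0) return -1;
    ssize_t n = write(fd, content, strlen(content));
    close(fd);
    return n == (ssize_t)strlen(content) ? 0 : -1;
}

/* Original behaviour: after the truncating open the existing file's
 * 15 bytes are gone. Returns the file size observed (expected 0). */
long demo_truncating(void) {
    char path[64];
    if (make_victim(path, sizeof path, "important data\n") != 0) return -1;
    int fd = create_truncating(path);
    long size = file_size(path);
    if (fd >= 0) close(fd);
    unlink(path);
    return size;
}

/* Hardened behaviour: the open fails with EEXIST and the 15 bytes
 * survive. Returns 1 if the file was preserved, 0 otherwise. */
int demo_hardened(void) {
    char path[64];
    if (make_victim(path, sizeof path, "important data\n") != 0) return 0;
    int fd = create_safely(path);
    int preserved = (fd < 0 && errno == EEXIST && file_size(path) == 15);
    if (fd >= 0) close(fd);
    unlink(path);
    return preserved;
}

int main(void) {
    printf("size after truncating open: %ld\n", demo_truncating());
    printf("hardened open preserved the file: %s\n",
           demo_hardened() ? "yes" : "no");
    return 0;
}
```

Dropping the effective uid is the step that matters most: once the helper runs with the caller's own privileges, even a truncating open can only damage files the caller could already write. The `O_EXCL | O_NOFOLLOW` flags are a second layer for code paths that must keep privileges, and a helper that genuinely needs a scratch file should create it in a directory it owns rather than in the caller's working directory.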

Ingres uuid_from_char stack overflow - bug 115911
Description: An attacker can pass a long string as an argument to uuid_from_char() to cause a stack buffer overflow in which the saved return address can be overwritten.

Ingres verifydb local stack overflow - bug 115911
Description: A local attacker can exploit a stack overflow in the duve_get_args function of the Ingres verifydb utility.
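Both stack overflows above (uuid_from_char and duve_get_args) come from copying or walking caller-supplied text into a fixed-size stack buffer without first checking its length. The parser below is an added example of the defensive shape such a routine should have; it is not Ingres code and does not reproduce the real uuid_from_char() interface. It assumes the standard 8-4-4-4-12 hexadecimal text form of a UUID and rejects anything that is not exactly 36 characters before reading any of it, using strnlen() so that an over-long argument is never scanned to its end.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define UUID_TEXT_LEN 36   /* 32 hex digits plus four hyphens */

/* Value of one hex digit, or -1 if the character is not a hex digit. */
static int hex_value(unsigned char c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = (unsigned char)tolower(c);
    if (c >= 'a' && c <= 'f') return 10 + (c - 'a');
    return -1;
}

/* Parse the textual form of a UUID into 16 raw bytes.
 * Returns 0 on success, -1 on any malformed input.
 * The length is validated against a hard limit BEFORE anything is read
 * or copied, so an over-long argument is rejected rather than walked
 * past the end of a fixed-size buffer. */
int uuid_from_text(const char *text, unsigned char out[16]) {
    if (text == NULL || out == NULL) return -1;
    /* Look at most one byte past the legal length: enough to detect
     * "too long" without scanning an unbounded string. */
    if (strnlen(text, UUID_TEXT_LEN + 1) != UUID_TEXT_LEN) return -1;

    int byte = 0;
    for (int i = 0; i < UUID_TEXT_LEN; i++) {
        if (i == 8 || i == 13 || i == 18 || i == 23) {
            if (text[i] != '-') return -1;     /* hyphen expected here */
            continue;
        }
        if (byte >= 16) return -1;             /* never write past out[] */
        int hi = hex_value((unsigned char)text[i]);
        int lo = hex_value((unsigned char)text[i + 1]);
        if (hi < 0 || lo < 0) return -1;
        out[byte++] = (unsigned char)((hi << 4) | lo);
        i++;                                    /* consumed two digits */
    }
    return byte == 16 ? 0 : -1;
}

/* Stand-alone demonstration on a constructed valid UUID and an
 * over-long string. Returns 0 when both behave as expected. */
int main(void) {
    unsigned char raw[16];
    const char *good = "123e4567-e89b-12d3-a456-426614174000";
    char too_long[512];
    memset(too_long, 'a', sizeof too_long - 1);
    too_long[sizeof too_long - 1] = '\0';

    int ok = uuid_from_text(good, raw);
    printf("valid input: rc=%d first byte=0x%02x\n", ok, raw[0]);
    int rejected = uuid_from_text(too_long, raw);
    printf("511-byte input: rc=%d (rejected without scanning)\n", rejected);
    return (ok == 0 && rejected == -1) ? 0 : 1;
}
```

The two checks worth copying into any argument-handling routine are the up-front `strnlen()` bound, which makes the maximum amount of input read independent of what the caller supplies, and the `byte >= 16` guard, which ties every write to the real size of the destination rather than to assumptions about the input's shape.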

We would like to additionally thank iDefense Labs for bringing the following vulnerabilities to our attention.

Communication server heap corruption - bug 117523
Description: An attacker can execute arbitrary code within the context of the communications server (iigcc.exe). This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2023.

Data Access/JDBC server heap corruption - bug 117523
Description: An attacker can execute arbitrary code within the context of the Data Access server (iigcd.exe) in r3 or the JDBC server in older releases. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2022.

All Ingres r3 patches available from CA have passed individual product testing, and certification within CA's Integration, Stress and Interoperability (ISI) lab. Fixes for all of these vulnerabilities are included in the 1198x set of patches. Ingres 2.6 SP5, for all platforms, includes these vulnerability fixes and has been tested by the embedding product teams.

For more information about Ingres security alerts, and to register to proactively receive these alerts via email, please send an email to: ingressvnotification-request@lists.ingres.com.

Regards,

Bill Maimone
Senior Vice President, Engineering
Ingres Corporation

Ken Williams
Director, Vulnerability Research
CA

Richard Owen
Senior Manager, Ingres Advisory Team
CA
Copyright © 2008 CA