Added: 09/27/2017
CVE: CVE-2017-1092
BID: 98615
IBM Informix Dynamic Server (IDS) is an online transaction processing (OLTP) data server for enterprise and workgroup computing. Open Admin Tool (OAT) is an open source, platform-independent tool providing a graphical interface for administrative tasks and performance analysis for IDS.
The **welcomeServer**
SOAP service does not properly validate user input in the **new_home_page**
parameter of the **saveHomePage**
method. This allows arbitrary code to be written to the **config.php**
file which is accessible directly from the Open Admin web root. If successfully exploited, an unauthenticated user could execute arbitrary code as system admin on Windows servers and as an unprivileged user on *nix servers.
Apply the appropriate patches referenced in IBM Security Bulletin: Vulnerabilities in Informix Dynamic Server and Informix Open Admin Tool.
<http://www-01.ibm.com/support/docview.wss?uid=swg22002897>
<https://www.exploit-db.com/exploits/42541/>
Exploit works on IBM Open Admin Tool 3.14 on Informix 12.1 Developer Edition (SUSE Linux 11) virtual appliance.
The Open Admin welcome message in **config.php**
needs to be restored if exploit was successful.