CVE-2004-2131

IBM Informix Dynamic Server <9.40.xC3 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2004-2131. PoCs published by pask.

AI-analyzed exploit summary This exploit targets a local stack-based buffer overflow in the ontape binary of IBM Informix Dynamic Server 9.40. It leverages an unchecked ONCONFIG environment variable to overwrite the stack and execute arbitrary shellcode, leading to privilege escalation from the informix user to root.

Description

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.

Exploits (2)

exploitdb WORKING POC VERIFIED

by pask · clocalunix

https://www.exploit-db.com/exploits/23610

View Code ZIP pw:eip

This exploit targets a local stack-based buffer overflow in the ontape binary of IBM Informix Dynamic Server 9.40. It leverages an unchecked ONCONFIG environment variable to overwrite the stack and execute arbitrary shellcode, leading to privilege escalation from the informix user to root.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: IBM Informix Dynamic Server 9.40

Auth required

Prerequisites: Local access to the system · Informix user privileges · Presence of the vulnerable ontape binary

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1555 - Credentials from Password Stores

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by pask · bashlocalunix

https://www.exploit-db.com/exploits/23609

View Code ZIP pw:eip

This exploit targets a predictable temporary file vulnerability in IBM Informix Dynamic Server's onedcu binary. It creates a symbolic link to a cron file, which is then overwritten to add a privileged user, achieving local privilege escalation.