At the Black Hat computer security conference in Las Vegas this week, British computer security expert David Litchfield told participants about more than 20 holes that he and his researchers at Britain's Next Generation Security Software Ltd. had uncovered in IBM's Informix database family.
TechWorld.com reported Monday that among the flaws discovered by Litchfield and his teams were vulnerabilities that could allow an attacker to mount a denial-of-service attack, gain access to data or simply compromise the database's integrity. According to Litchfield, IBM Informix versions 7.3, 9.4, and 10.0 are affected.
The security website Secunia has since released more details of the IBM Informix vulnerabilities, labelling them as "moderately critical".
Litchfield told attendees, "In my opinion, database security is riddled with holes and it's the biggest problem we face in IT today. The database attacks are out there and these data breaches show it. They just aren't noticed at the time."
In 2004 Litchfield uncovered a large number of flaws in Oracle software products and subsequently pressured the company over its sluggishness in addressing the security flaws.