IBM software still has security flaws

Aug. 8, 2006 at 4:26 PM
share with facebook
share with twitter
Sign up for our Security newsletter

LAS VEGAS, Aug. 8 (UPI) -- IBM software continues to contain significant security flaws that could be exploited by hackers or terrorists.

At the Black Hat computer security conference in Las Vegas this week, British computer security expert David Litchfield told participants about more than 20 holes that he and his researchers at Britain's Next Generation Security Software Ltd. had uncovered in IBM's Informix database family. reported Monday that among the flaws discovered by Litchfield and his teams were vulnerabilities that could allow an attacker to mount a denial-of-service attack, gain access to data or simply compromise the database's integrity. According to Litchfield, IBM Informix versions 7.3, 9.4, and 10.0. are affected.

The security website Secunia has since released more details of the IBM Informix vulnerabilities, labelling them as "moderately critical".

Litchfield told attendees, "In my opinion, database security is riddled with holes and it's the biggest problem we face in IT today. The database attacks are out there and these data breaches show it. They just aren't noticed at the time."

In 2004 Litchfield uncovered a large number flaws in Oracle software products and subsequently pressured the company on its sluggishness to address the security flaws.

Related UPI Stories
Trending Stories