Because this vulnerability exists during the authentication process, attackers without authentication credentials may attempt exploitation. Typical best-practices, such as a strong firewall policy and network separation, can prevent attacks by limiting access to trusted networks.
Currently, exploit code related to this vulnerability is not publicly available; however, sufficient technical details exist that exploits may be forthcoming. Administrators are advised to apply updates as soon as possible.
Although IBM only lists Windows versions of Informix as vulnerable, reports indicate Linux versions also contain this vulnerability.
Alert 11424 previously reported the release of a fix pack that resolves this vulnerability. Due
to the availability of additional technical information, this alert was created to expand one of the flaws addressed in Alert 11424.