IBM DB2 Universal Database Unspecified Vulnerability

Bugtraq ID:	12508
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Feb 09 2005 12:00AM
Updated:	Feb 09 2005 12:00AM
Credit:	Discovery of this vulnerability is credited to "NGSSoftware Insight Security Research" <[email protected]>.
Vulnerable:	IBM DB2 Universal Database for Windows 8.1 IBM DB2 Universal Database for Windows 8.0 IBM DB2 Universal Database for Windows 7.2 IBM DB2 Universal Database for Windows 7.1 IBM DB2 Universal Database for Solaris 8.1 IBM DB2 Universal Database for Solaris 8.0 IBM DB2 Universal Database for Solaris 7.2 IBM DB2 Universal Database for Solaris 7.1 IBM DB2 Universal Database for Solaris 7.0 IBM DB2 Universal Database for Solaris 6.1 IBM DB2 Universal Database for Solaris 6.0 IBM DB2 Universal Database for Linux 8.1 IBM DB2 Universal Database for Linux 8.0 IBM DB2 Universal Database for Linux 7.2 IBM DB2 Universal Database for Linux 7.1 IBM DB2 Universal Database for Linux 7.0 IBM DB2 Universal Database for Linux 6.1 - Caldera OpenLinux 2.4 - Redhat Linux 7.0 - SuSE Linux 7.0 - Turbolinux Turbolinux 6.0.4 IBM DB2 Universal Database for Linux 6.0 IBM DB2 Universal Database for HP-UX 8.1 IBM DB2 Universal Database for HP-UX 8.0 IBM DB2 Universal Database for HP-UX 7.2 IBM DB2 Universal Database for HP-UX 7.1 IBM DB2 Universal Database for HP-UX 7.0 IBM DB2 Universal Database for HP-UX 6.1 IBM DB2 Universal Database for HP-UX 6.0 IBM DB2 Universal Database for AIX 8.1 IBM DB2 Universal Database for AIX 8.0 IBM DB2 Universal Database for AIX 7.2 IBM DB2 Universal Database for AIX 7.1 IBM DB2 Universal Database for AIX 7.0 IBM DB2 Universal Database for AIX 6.1 IBM DB2 Universal Database for AIX 6.0
Not Vulnerable:

IBM DB2 Universal Database Unspecified Vulnerability

IBM DB2 Universal Database is reported prone to a vulnerability. The details of this issue are unspecified.

The discoverer of this issue has reported that further details regarding this vulnerability will be released on the 9th of May 2005. When these details are released this BID will be updated with the additional details.

This vulnerability is reported to exist in IBMDB2 Universal Database version 8.1 and previous versions.

IBM DB2 Universal Database Unspecified Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

IBM DB2 Universal Database Unspecified Vulnerability

Solution:
It is reported that the vendor has released Fixpak 8 for DB2 Universal Database 8.1 to address this vulnerability; this Fixpack is available at the following location:

http://www-306.ibm.com/software/data/db2/udb/support/downloadv8.html

IBM DB2 Universal Database Unspecified Vulnerability

References:

• Find links to the all DB2 FixPaks and client code for DB2 UDB Version 8. (IBM)
  
• DB2 Technical Support (IBM)
  
• Patch available for high risk IBM DB2 Universal Database flaw ("NGSSoftware Insight Security Research" )