IBM DB2 Unauthorized System Resource Access Vulnerability
BID:12509
Info
IBM DB2 Unauthorized System Resource Access Vulnerability
| Bugtraq ID: | 12509 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 10 2005 12:00AM |
| Updated: | Feb 10 2005 12:00AM |
| Credit: | Discovery is credited to Chris Anley of NGS Software. |
| Vulnerable: |
IBM DB2 Universal Database for Windows 8.1 IBM DB2 Universal Database for Windows 8.0 IBM DB2 Universal Database for Windows 7.2 IBM DB2 Universal Database for Windows 7.1 |
| Not Vulnerable: | |
Discussion
IBM DB2 Unauthorized System Resource Access Vulnerability
IBM DB2 on Windows platforms is prone to a security vulnerability. The vulnerability is that IBM DB2 resources may be accessible to local users. It is reported that this could be exploited to launch denial of service attacks against the database, view query results, or obtain database credentials.
This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified Vulnerability.
IBM DB2 on Windows platforms is prone to a security vulnerability. The vulnerability is that IBM DB2 resources may be accessible to local users. It is reported that this could be exploited to launch denial of service attacks against the database, view query results, or obtain database credentials.
This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified Vulnerability.
Exploit / POC
IBM DB2 Unauthorized System Resource Access Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
IBM DB2 Unauthorized System Resource Access Vulnerability
Solution:
It is reported that the vendor has released Fixpak 8 for DB2 Universal Database 8.1 to address this vulnerability.
IBM DB2 Universal Database for Windows 8.0
IBM DB2 Universal Database for Windows 8.1
Solution:
It is reported that the vendor has released Fixpak 8 for DB2 Universal Database 8.1 to address this vulnerability.
IBM DB2 Universal Database for Windows 8.0
-
IBM DB2 Universal Database Version 8 FixPak 8
http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg24008763
IBM DB2 Universal Database for Windows 8.1
-
IBM DB2 Universal Database Version 8 FixPak 8
http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg24008763
References
IBM DB2 Unauthorized System Resource Access Vulnerability
References:
References: