IBM DB2 Multiple Security Vulnerabilities
BID:52326
Info
IBM DB2 Multiple Security Vulnerabilities
| Bugtraq ID: | 52326 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Mar 07 2012 12:00AM |
| Updated: | Mar 07 2012 12:00AM |
| Credit: | IBM |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
IBM DB2 Multiple Security Vulnerabilities
IBM DB2 is prone to multiple security vulnerabilities, including:
1. An insecure file-permissions vulnerability
2. Multiple denial-of service vulnerabilities
3. A local privilege-escalation vulnerability
4. A security-bypass vulnerability
5. An information disclosure vulnerability
An attacker can exploit these vulnerabilities to disclose sensitive information, gain elevated privileges, bypass security restrictions, or deny service to legitimate users. Other attacks are also possible.
IBM DB2 versions prior to 9.5 Fix Pack 9 are vulnerable.
IBM DB2 is prone to multiple security vulnerabilities, including:
1. An insecure file-permissions vulnerability
2. Multiple denial-of service vulnerabilities
3. A local privilege-escalation vulnerability
4. A security-bypass vulnerability
5. An information disclosure vulnerability
An attacker can exploit these vulnerabilities to disclose sensitive information, gain elevated privileges, bypass security restrictions, or deny service to legitimate users. Other attacks are also possible.
IBM DB2 versions prior to 9.5 Fix Pack 9 are vulnerable.
Exploit / POC
IBM DB2 Multiple Security Vulnerabilities
Attackers can exploit these issues through readily available tools.
Attackers can exploit these issues through readily available tools.
Solution / Fix
IBM DB2 Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
IBM DB2 Multiple Security Vulnerabilities
References:
References: