Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.801930 |
Categoría: | Databases |
Título: | IBM Db2 Multiple Security Bypass Vulnerabilities (May-11) |
Resumen: | The host is running IBM Db2 and is prone to multiple security bypass; vulnerabilities. |
Descripción: | Summary: The host is running IBM Db2 and is prone to multiple security bypass vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An access validation error which could allow users to update statistics for tables without appropriate privileges. - An error when revoking role memberships, which could result in a user continuing to have privileges to execute a non-DDL statement after role membership has been revoked from its group. Vulnerability Impact: Successful exploitation will allow attackers to bypass security restrictions, gain knowledge of sensitive information or cause a denial of service. Affected Software/OS: IBM Db2 versions prior to 9.5 Fix Pack 7 and prior to 9.7 Fix Pack 4 Solution: Update Db2 to 9.5 Fix Pack 7, 9.7 Fix Pack 4, or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
Referencia Cruzada: |
BugTraq ID: 47525 Common Vulnerability Exposure (CVE) ID: CVE-2011-1846 AIX APAR: IC71263 http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263 AIX APAR: IC71375 http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375 http://www.securityfocus.com/bid/47525 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688 http://secunia.com/advisories/44229 http://www.vupen.com/english/advisories/2011/1083 XForce ISS Database: db2-data-services-sec-bypass(66980) https://exchange.xforce.ibmcloud.com/vulnerabilities/66980 Common Vulnerability Exposure (CVE) ID: CVE-2011-1847 AIX APAR: IC71413 http://www-01.ibm.com/support/docview.wss?uid=swg1IC71413 AIX APAR: IC72119 http://www-01.ibm.com/support/docview.wss?uid=swg1IC72119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14122 XForce ISS Database: ibm-db2-rds-sec-bypass(66979) https://exchange.xforce.ibmcloud.com/vulnerabilities/66979 |
Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |