Databases : IBM Db2 Multiple Vulnerabilities (Windows)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900677

Categoría: Databases

Título: IBM Db2 Multiple Vulnerabilities (Windows)

Resumen: IBM Db2 is prone to multiple vulnerabilities.

Descripción: Summary:
IBM Db2 is prone to multiple vulnerabilities.

Vulnerability Insight:
The flaws are due to:

- An unspecified error related to the DB2FMP process running
with OS prvileges.

- An error in INSTALL_JAR procedure might allows remote authenticated
users to create or overwrite arbitrary files via unspecified calls.

- A boundary error in DAS server code can be exploited to cause a buffer
overflow via via unspecified vectors.

Vulnerability Impact:
Successful exploitation will allow attacker to bypass security restrictions,
cause a denial of service or gain elevated privileges.

Affected Software/OS:
IBM Db2 version 8 prior to Fixpack 17, 9.1 prior to Fixpack 5 and
9.5 prior to Fixpack 2

Solution:
Update Db2 8 Fixpakk 17, 9.1 Fixpack 5, 9.5 Fixpack 2 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: BugTraq ID: 31058
BugTraq ID: 35409
Common Vulnerability Exposure (CVE) ID: CVE-2008-6821
AIX APAR: IZ22004
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22004
AIX APAR: IZ22188
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22188
AIX APAR: IZ22190
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22190
BugTraq ID: 35408
http://www.securityfocus.com/bid/35408
http://secunia.com/advisories/31787
XForce ISS Database: db2-das-bo(51108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51108
Common Vulnerability Exposure (CVE) ID: CVE-2008-6820
AIX APAR: JR30026
http://www-01.ibm.com/support/docview.wss?uid=swg1JR30026
AIX APAR: JR30227
http://www-01.ibm.com/support/docview.wss?uid=swg1JR30227
AIX APAR: JR30228
http://www-01.ibm.com/support/docview.wss?uid=swg1JR30228
http://www.securityfocus.com/bid/31058
http://osvdb.org/48149
Common Vulnerability Exposure (CVE) ID: CVE-2008-2154
AIX APAR: IZ21983
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ21983
AIX APAR: IZ22142
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22142
AIX APAR: IZ22143
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22143
http://www.securityfocus.com/bid/35409
http://osvdb.org/48147
XForce ISS Database: db2-installjar-priv-escalation(51105)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51105

Copyright Copyright (C) 2009 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900677
Categoría:	Databases
Título:	IBM Db2 Multiple Vulnerabilities (Windows)
Resumen:	IBM Db2 is prone to multiple vulnerabilities.
Descripción:	Summary: IBM Db2 is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to: - An unspecified error related to the DB2FMP process running with OS prvileges. - An error in INSTALL_JAR procedure might allows remote authenticated users to create or overwrite arbitrary files via unspecified calls. - A boundary error in DAS server code can be exploited to cause a buffer overflow via via unspecified vectors. Vulnerability Impact: Successful exploitation will allow attacker to bypass security restrictions, cause a denial of service or gain elevated privileges. Affected Software/OS: IBM Db2 version 8 prior to Fixpack 17, 9.1 prior to Fixpack 5 and 9.5 prior to Fixpack 2 Solution: Update Db2 8 Fixpakk 17, 9.1 Fixpack 5, 9.5 Fixpack 2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	BugTraq ID: 31058 BugTraq ID: 35409 Common Vulnerability Exposure (CVE) ID: CVE-2008-6821 AIX APAR: IZ22004 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22004 AIX APAR: IZ22188 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22188 AIX APAR: IZ22190 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22190 BugTraq ID: 35408 http://www.securityfocus.com/bid/35408 http://secunia.com/advisories/31787 XForce ISS Database: db2-das-bo(51108) https://exchange.xforce.ibmcloud.com/vulnerabilities/51108 Common Vulnerability Exposure (CVE) ID: CVE-2008-6820 AIX APAR: JR30026 http://www-01.ibm.com/support/docview.wss?uid=swg1JR30026 AIX APAR: JR30227 http://www-01.ibm.com/support/docview.wss?uid=swg1JR30227 AIX APAR: JR30228 http://www-01.ibm.com/support/docview.wss?uid=swg1JR30228 http://www.securityfocus.com/bid/31058 http://osvdb.org/48149 Common Vulnerability Exposure (CVE) ID: CVE-2008-2154 AIX APAR: IZ21983 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ21983 AIX APAR: IZ22142 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22142 AIX APAR: IZ22143 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22143 http://www.securityfocus.com/bid/35409 http://osvdb.org/48147 XForce ISS Database: db2-installjar-priv-escalation(51105) https://exchange.xforce.ibmcloud.com/vulnerabilities/51105
Copyright	Copyright (C) 2009 Greenbone Networks GmbH