IBM DB2 Universal Database Corrupt Package Information DoS

2006-05-16T09:18:59
ID OSVDB:29862
Type osvdb
Reporter OSVDB
Modified 2006-05-16T09:18:59

Description

Vulnerability Description

DB2 contains a flaw that may allow a remote denial of service. The issue is triggered when a downlevel client sends corrupt package information to the server, and will result in loss of availability for the service.

Solution Description

Upgrade to version 8 FixPak 12 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

DB2 contains a flaw that may allow a remote denial of service. The issue is triggered when a downlevel client sends corrupt package information to the server, and will result in loss of availability for the service.

References:

Vendor URL: http://www-3.ibm.com/software/data/db2/ Vendor Specific Advisory URL Secunia Advisory ID:20579 Related OSVDB ID: 29860 Related OSVDB ID: 27992 Related OSVDB ID: 29861 FrSIRT Advisory: ADV-2006-2332 CVE-2006-3068