Security Bulletin: IBM PowerVC - Local escalation of privilege vulnerability in DB2 for Linux (CVE-2016-5995)

Summary IBM PowerVC is impacted by Local escalation of privilege vulnerability in DB2 for Linux CVE-2016-5995 Vulnerability Details CVE-ID: CVE-2016-5995 Description: DB2 for Linux, Unix and Windows is vulnerable to a privilege escalation due to code being built with binaries with libraries in...

Security Bulletin: Local escalation of privilege vulnerability in IBM® DB2® (CVE-2016-5995).

Summary A vulnerability in IBM DB2 for Linux, Unix and Windows could allow a local user to gain elevated privilege. Vulnerability Details CVEID: CVE-2016-5995 DESCRIPTION: DB2 for Linux, Unix and Windows is vulnerable to a privilege escalation due to loading libraries from insecure locations. A...

CVE-2016-5995

CVE-2016-5995 affects IBM DB2: Untrusted search path allow local privilege escalation via a Trojan horse library loaded by setuid/setgid binaries. Affected DB2 releases on Linux/AIX/HP-UX include 9.7 FP11, 10.1 FP5, 10.5 before FP8, and 11.1 GA. IBM remediation varies by release (e.g., 9.7 FP11 s...