Lucene search
K

4373 matches found

Cvelist
Cvelist
added 2003/09/19 4:0 a.m.22 views

CVE-2003-0759

Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument...

6.7AI score0.01049EPSS
Exploits1References7
CVE
CVE
added 2003/09/19 4:0 a.m.64 views

CVE-2003-0759

CVE-2003-0759 describes a local privilege escalation in IBM DB2 Universal Data Base 7.2 for Linux (x86 and s390) via a stack-based buffer overflow in the setuid binary db2licm. The issue is triggered by a long command line and can grant root privileges. Vendor fixes are provided in Fixpak 10a for...

7.2CVSS6.7AI score0.01049EPSS
Exploits1References7Affected Software1
securityvulns
securityvulns
added 2003/09/19 12:0 a.m.34 views

Multiple IBM DB2 bugs

Format string bugs, buufer overflows...

2.8AI score
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2003/09/19 12:0 a.m.45 views

CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities

Core Security Technologies Advisory http://www.coresecurity.com Multiple IBM DB2 Stack Overflow Vulnerabilities Date Published: 2003-09-18 Last Update: 2003-09-18 Advisory ID: CORE-2003-0531 Bugtraq ID: 8552, 8553 CVE Name: CAN-2003-0758, CAN-2003-0759 Title: Multiple IBM DB2 Stack Overflow...

7.2CVSS7.1AI score0.01105EPSS
Exploits2
exploitpack
exploitpack
added 2003/09/18 12:0 a.m.14 views

IBM DB2 db2dart - Buffer Overflow

IBM DB2 db2dart - Buffer Overflow source: https://www.securityfocus.com/bid/8552/info It has been reported that the IBM DB2 db2dart utility is prone to locally exploitable buffer overflow vulnerability. A local attacker, who can authenticate or has access as the db2as user, may exploit this issue...

0.7AI score
Exploits0
Core Security
Core Security
added 2003/09/18 12:0 a.m.31 views

Multiple IBM DB2 Stack Overflow Vulnerabilities

Advisory ID Internal CORE-2003-0531 Vulnerability Information: Date Published: 2003-09-18 Last Update: 2003-09-17 Advisory ID: CORE-2003-0531 Bugtraq ID:8552, 8553 CVE Name:CAN-2003-0758, CAN-2003-0759 Title: Multiple IBM DB2 Stack Overflow Vulnerabilities Class: Boundary Error Condition Buffer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/18 12:0 a.m.22 views

IBM DB2 db2dart - Buffer Overflow

source: https://www.securityfocus.com/bid/8552/info It has been reported that the IBM DB2 db2dart utility is prone to locally exploitable buffer overflow vulnerability. A local attacker, who can authenticate or has access as the db2as user, may exploit this issue to execute arbitrary instructions...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/08/06 12:0 a.m.22 views

Local Vulnerability in IBM DB2 7.1 db2job binary

Title: Local Vulnerability in IBM DB2 7.1 db2job binary Date: 27-07-2003 Platform: Only tested in Linux but can be exported to others. Impact: Users with exec perm over ./db2as/sqllib/adm/db2job can create files with 770 mode and owned by root. Author: Juan Manuel Pascual Escriba [email protected]...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2003/08/06 12:0 a.m.30 views

Slight privilege elevation from bin to root in IBM DB2 7.1 - 8.1 all binaries

Title: Local Vulnerability in IBM DB2 7.1 - 8.1 all binaries Date: 27-07-2003 Platform: Only tested in Linux but can be exported to others. Only versions 7.1 and Enterprise Server Edition v8.1 were checked but could affect other versions. Impact: Slight privilege elevation from bin to root. Autho...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2003/08/06 12:0 a.m.30 views

IBM DB2 privilege escalation

db2job allows to write any file...

3.7AI score
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2003/08/05 12:0 a.m.13 views

IBM DB2 db2job - File Overwrite

IBM DB2 db2job - File Overwrite source: https://www.securityfocus.com/bid/8344/info IBM's DB2 database ships with a utility called db2job, installed with permissions 4550 and owned by root.db2asgrp. It has been reported that db2job writes to a number of files with root privileges. The files writt...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/08/05 12:0 a.m.11 views

IBM DB2 - Shared Library Injection

IBM DB2 - Shared Library Injection source: https://www.securityfocus.com/bid/8346/info IBM DB2 ships with a number of shared libraries, stored in a directory owned by the user and group 'bin'. As setuid root utilities are linked to these libraries, their ownership by a user and group of a lower...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/08/05 12:0 a.m.39 views

IBM DB2 db2job - File Overwrite

source: https://www.securityfocus.com/bid/8344/info IBM's DB2 database ships with a utility called db2job, installed with permissions 4550 and owned by root.db2asgrp. It has been reported that db2job writes to a number of files with root privileges. The files written to are created with 0770...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/08/05 12:0 a.m.36 views

IBM DB2 - Shared Library Injection

source: https://www.securityfocus.com/bid/8346/info IBM DB2 ships with a number of shared libraries, stored in a directory owned by the user and group 'bin'. As setuid root utilities are linked to these libraries, their ownership by a user and group of a lower privilege level constitutes a...

7.4AI score
Exploits0
CVE
CVE
added 2002/03/15 5:0 a.m.64 views

CVE-2001-1143

CVE-2001-1143 affects IBM DB2 7.0. A remote attacker can cause a denial-of-service (crash) by sending a single byte to (1) db2ccs.exe on port 6790 or (2) db2jds.exe on port 6789. This vulnerability is documented across multiple feeds (NVD, CVE List, Nessus/DOS plugin) with CVSSv2 vector AV:N/AC:L...

5CVSS6.5AI score0.01632EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.24 views

CVE-2001-1143

IBM DB2 7.0 allows a remote attacker to cause a denial of service crash via a single byte to 1 db2ccs.exe on port 6790, or 2 db2jds.exe on port 6789...

6.5AI score0.01632EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2002/03/06 12:0 a.m.30 views

IBM DB2 Multiple CGI Single Byte Request Remote DoS

It was possible to crash the IBM DB2 database service by connecting to the affected service and sending just one byte to it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10871; scriptversion"1.23";...

5CVSS5.4AI score0.01632EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2001/07/12 12:0 a.m.15 views

ibm.db2.dos.txt

IBM DB2 for Windows 98/NT/2000 run 2 services : db2ccs.exe listening on port 6790 and db2jds.exe port 6789. I may be wrong but these services are used to access data remotely and to remotely manage the database. Both can be crashed remotely: just telnet on their port, send one byte and then close...

7.4AI score
Exploits0
NVD
NVD
added 2001/07/11 4:0 a.m.18 views

CVE-2001-1143

IBM DB2 7.0 allows a remote attacker to cause a denial of service crash via a single byte to 1 db2ccs.exe on port 6790, or 2 db2jds.exe on port 6789...

5CVSS6.5AI score0.01632EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/07/11 12:0 a.m.33 views

IBM Windows DB2 DoS

Hi everybody. IBM DB2 for Windows 98/NT/2000 run 2 services : db2ccs.exe listening on port 6790 and db2jds.exe port 6789. I may be wrong but these services are used to access data remotely and to remotely manage the database. Both can be crashed remotely: just telnet on their port, send one byte...

0.8AI score
Exploits0
Rows per page
Query Builder