68 matches found
Cross site request forgery (csrf)
IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of service daemon crash via a crafted Distributed Relational Database Architecture DRDA request...
CVE-2012-0710
IBM DB2 DRDA vulnerability CVE-2012-0710 enables remote attackers to crash the database server via a crafted DRDA request. Affected releases include DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 across multiple platforms. IBM’s Security Bulletin and related records confi...
Nmap NSE net: drda-info
Attempts to extract information from database servers supporting the DRDA protocol. The script sends a DRDA EXCSAT exchange server attributes command packet and parses the response. OpenVAS Vulnerability Test $Id: gbnmapdrdainfonet.nasl 5505 2017-03-07 10:00:18Z teissa $ Autogenerated NSE wrapper...
Nmap NSE net: drda-brute
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE net: drda-brute
Performs password guessing against databases supporting the IBM DB2 protocol such as Informix, DB2 and Derby SYNTAX: userdb: The filename of an alternate username database. drda-brute.threads: the amount of accounts to attempt to brute force in parallel default 10. unpwdb.userlimit: The maximum...
IBM DB2 Multiple Vulnerabilities (Oct10)
The host is running IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmdb2multvulnoct10.nasl 7585 2017-10-26 15:03:01Z cfischer $ IBM DB2 Multiple Vulnerabilities Oct10 Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks GmbH,...
CVE-2010-3732
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service database server ABEND by using the client CLI on Linux, UNIX, or Windows for executing a prepared statement with a large number of parameter markers...
Code injection
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service database server ABEND by using the client CLI on Linux, UNIX, or Windows for executing a prepared statement with a large number of parameter markers...
CVE-2010-3732
CVE-2010-3732 affects IBM DB2 UDB 9.5 prior to FP6a, specifically the DRDA Services component. The issue allows remote authenticated users to trigger a denial of service (database server ABEND) by issuing a prepared statement with a large number of parameter markers via the client CLI on Linux, U...
drda-info NSE Script
Attempts to extract information from database servers supporting the DRDA protocol. The script sends a DRDA EXCSAT exchange server attributes command packet and parses the response. Example Usage nmap -sV Script Output PORT STATE SERVICE 50000/tcp open drda | drda-info: DB2 Version: 8.02.9 | Serv...
IBM DB2 Database Server Invalid Data Stream Denial of Service (CVE-2009-0173)
IBM DB2 Database is a relational database management system made available for Unix, Windows, and Linux platforms. The product consists of a set of services that work together to provide data processing functionality. IBM DB2 runs various processes including the db2syscs.exe process on Windows...
IBM DB2 UDB Multiple Unspecified Vulnerabilities (Linux)
The host is installed with IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmudbdb2multvulnlin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM DB2 UDB Multiple Unspecified Vulnerabilities Linux Authors: Antu Sanadi Updated By: Antu Sanadi on 2009/12/29 6444...
IBM DB2 Universal Database Connection Handshake Denial of Service (CVE-2006-4257)
The IBM DB2 Universal Database UDB is a relational database management system. The product supports the Distributed Relational Database Architecture DRDA, an Open Group standard, to meet the needs of application programs requiring access to distributed relational data. There exists a denial of...
CVE-2009-4328
Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service server trap by calling a SQL stored procedure in unknown circumstances...
Design/Logic Flaw
Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service server trap by calling a SQL stored procedure in unknown circumstances...
CVE-2009-4328
CVE-2009-4328 concerns IBM DB2 UDB 9.5 before Fix Pack 5, where an unspecified issue in the DRDA Services component allows remote authenticated users to trigger a denial of service (server trap) by calling a SQL stored procedure under certain conditions. The impact is a partial availability degra...
IBM DB2 Multiple Vulnerabilities (Windows)
The host is installed with IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmdb2multdosvulnwin01.nasl 6530 2017-07-05 06:23:50Z cfischer $ IBM DB2 Multiple DOS Vulnerabilities Windows Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...
IBM DB2 Multiple Vulnerabilities (Linux)
The host is installed with IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmdb2multdosvulnlin01.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM DB2 Multiple Vulnerabilities Linux Authors: Antu Sanadi Updated KB Name Antu Sanadi on 2009-12-21 Copyright:...
CVE-2009-1906
The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote attackers to cause a denial of service memory corruption and application crash via an IPv6 address in the correlation token in the APPID string, as demonstrated by an APPID string sent by the third-party...
Memory corruption
The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote attackers to cause a denial of service memory corruption and application crash via an IPv6 address in the correlation token in the APPID string, as demonstrated by an APPID string sent by the third-party...