90 matches found
IBM Db2 Universal Database Multiple Vulnerabilities (Sep 2008) - Linux
IBM Db2 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM DB2 Universal Database Multiple Vulnerabilities - Sept08 (Linux)
The host is running DB2 Database Server, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmdb28udbmultvulnlin900216.nasl 7174 2017-09-18 11:48:08Z asteins $ Description: IBM DB2 Universal Database Multiple Vulnerabilities - Sept08 Linux Authors: Veerendra GG...
IBM Db2 Universal Database Multiple Vulnerabilities (Sep 2008) - Windows
IBM Db2 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM DB2 Universal Database Server 8.2 Fixpak 17之前存在多个漏洞
BUGTRAQ ID: 31058 CNCAN ID:CNCAN-2008091101 IBM DB2是一款大型的商业关系数据库系统, IBM DB2 Universal Database Server 8.2 Fixpak 17之前版本存在多个漏洞,攻击者可以利用漏洞进行如下攻击: -相关CONNECT / ATTACH处理存在远程拒绝服务攻击。 -DB2FMP过程存在未明安全问题。 -DB2JDS存在远程拒绝服务攻击。 -在Windows平台下以系统特权执行DB2FMP过程。 攻击者可以利用这些漏洞进行拒绝服务攻击,也可能造成其他未明攻击行为。 IBM DB2 Universal...
Code injection
Unspecified vulnerability in the JDBC Applet Server Service aka db2jds in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service service crash via "malicious packets."...
CVE-2008-3960
IBM DB2 UDB 8 is affected by CVE-2008-3960 in the JDBC Applet Server Service (db2jds) prior to Fixpak 17, enabling remote denial of service via malicious packets. The vulnerability is documented as unspecified in the initial description, with the primary remediation being upgrading to Fixpak 17. ...
Cross site request forgery (csrf)
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service instance crash via a crafted CONNECT data stream that simulates a V7 client connect request...
IBM DB2数据库db2dasrrm缓冲区溢出和文件创建漏洞
BUGTRAQ ID: 27870 CVECAN ID: CVE-2007-5758,CVE-2007-5664 IBM DB2是一个大型的商业关系数据库系统,面向电子商务、商业资讯、内容管理、客户关系管理等应用,可运行于AIX、HP-UX、Linux、Solaris、Windows等系统。...
IBM DB2 Universal Database DAS缓冲区溢出漏洞
BUGTRAQ ID: 27681 CVECAN ID: CVE-2007-3676 IBM DB2是一个大型的商业关系数据库系统,面向电子商务、商业资讯、内容管理、客户关系管理等应用,可运行于AIX、HP-UX、Linux、Solaris、Windows等系统。 DB2管理服务器(DAS)在处理某些远程管理请求时会使用远程客户端所提供的32位指针值。如果提供了特制的地址值的话,攻击者就可以触发缓冲区溢出,强制程序访问无效的内存地址。 成功攻击允许攻击者导致服务崩溃或执行任意代码。无需认证凭据便可利用这个漏洞,但必须要在TCP 523端口上与DAS创建TCP会话。 IBM DB2...
Design/Logic Flaw
Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors...
Buffer overflow
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."...
Authorization
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors...
CVE-2008-0696
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors...
DB2 < 8.1 FixPak 16 Multiple Vulnerabilities (deprecated)
Binary data 4358.prm...
Directory traversal
Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."...
Design/Logic Flaw
IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the 1 DB2ADMNS and 2 DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
Memory corruption
IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
Buffer overflow
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service divide-by-zero error and DBMS crash, related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
CVE-2007-6045
Unspecified vulnerability in 1 DB2WATCH and 2 DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors...
CVE-2007-6053
IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...