Lucene search
K

90 matches found

NVD
NVD
added 2007/08/18 9:17 p.m.35 views

CVE-2007-4270

Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files...

6.9CVSS6.3AI score0.00328EPSS
Exploits1References11
NVD
NVD
added 2007/08/18 9:17 p.m.31 views

CVE-2007-4423

Stack-based buffer overflow in the AUTHLISTGROUPSFORAUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument...

5CVSS7.8AI score0.03528EPSS
Exploits0References11
NVD
NVD
added 2007/08/18 9:17 p.m.27 views

CVE-2007-4275

Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to 1 DB2 instance or FMP startup on Linux and Solaris; 2 exec of executables while running as root on non-Windows systems, as...

6.9CVSS6.5AI score0.00361EPSS
Exploits1References16
Cvelist
Cvelist
added 2007/08/18 9:0 p.m.37 views

CVE-2007-4273

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the 1 OSSEMEMDBG or 2 TRCLOGFILE environment variable in db2licd...

6.9AI score0.00414EPSS
Exploits1References11
Cvelist
Cvelist
added 2007/08/18 9:0 p.m.35 views

CVE-2007-4271

Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. dot dot in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink...

6.1AI score0.00478EPSS
Exploits1References10
CVE
CVE
added 2007/08/18 9:0 p.m.64 views

CVE-2007-4418

IBM DB2 UDB 8 prior to Fixpak 15 is reported to fail an authorization check, allowing remote authenticated users with a specific SELECT privilege to trigger an unknown impact via unspecified vectors. The entry notes a possible relation to CVE-2007-1089, but details are unclear. The provided conne...

5.5CVSS6.1AI score0.01341EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/08/18 9:0 p.m.74 views

CVE-2007-4275

IBM DB2 UDB 8.x (Fixpak 15) and 9.1 (Fixpak 3) have multiple local privilege-escalation vulnerabilities due to untrusted search paths and environment-based file/binary loading. Exploitable vectors include startup of the DB2 instance or FMP on Linux/Solaris, execution of executables while running ...

6.9CVSS6.5AI score0.00361EPSS
Exploits1References16Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/12/23 12:0 a.m.155 views

IBM DB2 < 8.1 FixPak 12 EXCSAT Long MGRLVLLS Message Remote DoS

According to its version, the installation of IBM DB2 running on the remote host may crash when it attempts to process a specially crafted CONNECT or ATTACH request sent during the initial handshake process. An unauthenticated, remote attacker can exploit this issue to overflow a buffer and crash...

5CVSS5.8AI score0.01935EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/09/06 12:0 a.m.47 views

[Full-disclosure] Details for BID 18428

DB2 UDB - Unauthenticated Buffer Overflow and DoS BID 18428 Background DB2 Universal Database UDBtm is a popular database software package from IBM available for legacy platforms as well as open systems Unix and Windows. Clients use a protocol called DRDA to communicate with the DB2 UDB server...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2006/08/18 12:0 a.m.31 views

[SA21550] DB2 Universal Database Denial of Service Vulnerabilities

TITLE: DB2 Universal Database Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA21550 VERIFY ADVISORY: http://secunia.com/advisories/21550/ CRITICAL: Less critical IMPACT: DoS WHERE: From local network SOFTWARE: DB2 Universal Database 8.x http://secunia.com/product/857/ DESCRIPTION: Two...

1.2AI score
Exploits0
NVD
NVD
added 2006/06/19 10:2 a.m.21 views

CVE-2006-3067

Multiple unspecified vulnerabilities in IBM DB2 Universal Database UDB before 8.1 FixPak 12 allow remote attackers to cause a denial of service application crash via a 1 "long column list" in the a REPLACE INTO and b INSERT INTO portions of the LOAD command or a 2 large number of values in an IN...

5CVSS7.2AI score0.02445EPSS
Exploits0References9
CVE
CVE
added 2006/06/19 10:0 a.m.57 views

CVE-2006-3068

IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 is affected by a remote denial of service due to a memory overwrite caused by sending "incorrect information" about the package name/creator. This CVE involves a flaw in how the database handles certain crafted input, leading to an application...

5CVSS6.8AI score0.01566EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/06/19 10:0 a.m.26 views

CVE-2006-3067

Multiple unspecified vulnerabilities in IBM DB2 Universal Database UDB before 8.1 FixPak 12 allow remote attackers to cause a denial of service application crash via a 1 "long column list" in the a REPLACE INTO and b INSERT INTO portions of the LOAD command or a 2 large number of values in an IN...

7.2AI score0.02445EPSS
Exploits0References9
securityvulns
securityvulns
added 2006/06/15 12:0 a.m.57 views

[SA20579] DB2 Universal Database Multiple Denial of Service Vulnerabilities

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

0.9AI score
Exploits0
CVE
CVE
added 2006/03/19 11:0 p.m.39 views

CVE-2005-4740

IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 is affected: remote authenticated users can cause a denial of service (db2jd service crash) by connecting from a downlevel client. The connected sources do not provide a specific fix version or mitigation; monitor for an official pat...

4CVSS6.4AI score0.01261EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/03/19 11:0 p.m.20 views

CVE-2005-4739

IBM DB2 Universal Database UDB 820 before version 8 FixPak 10 s050811 allows remote authenticated users to cause a denial of service application crash by using a table function for an instance of snapshottbreorg, which triggers a trap in sqlnrEStoEaction...

6.1AI score0.01462EPSS
Exploits0References3
NVD
NVD
added 2005/12/31 5:0 a.m.7 views

CVE-2005-4740

IBM DB2 Universal Database UDB 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service db2jd service crash by "connecting from a downlevel client."...

4CVSS6.1AI score0.01261EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/10/20 12:0 a.m.28 views

[SA17031] DB2 Universal Database Multiple Denial of Service Vulnerabilities

TITLE: DB2 Universal Database Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA17031 VERIFY ADVISORY: http://secunia.com/advisories/17031/ CRITICAL: Less critical IMPACT: Security Bypass, DoS WHERE: From local network SOFTWARE: DB2 Universal Database 8.x...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2005/02/10 12:0 a.m.29 views

[VulnWatch] Patch available for high risk IBM DB2 Universal Database flaw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Researchers at NGSSoftware have discovered a high risk vulnerability in IBM's DB2 Universal Database Version 8.1 and earlier. IBM has just released Fixpak 8 for DB2 UDB 8.1 which addresses the security flaw...

Exploits0
securityvulns
securityvulns
added 2004/09/02 12:0 a.m.24 views

[VulnWatch] Patch available for IBM DB2 Universal Database flaws

Researchers at NGSSoftware have discovered multiple critical/high risk vulnerabilities in IBM's DB2 Universal Database. Versions affected include DB2 8.1 Fixpak 6 and earlier DB2 7.x Fixpak 11 and earlier Two of the issues, remotely exploitable buffer overflows, have been fixed in Fixpak 7 for DB...

0.5AI score
Exploits0
Rows per page
Query Builder