IBM DB2 10.1 < Fix Pack 3 Multiple Vulnerabilities (credentialed check)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

The remote database server is affected by multiple vulnerabilities.

Description :

According to its version, the installation of IBM DB2 10.1 on the
remote host is affected by the following vulnerabilities :

- When a multi-node configuration is used, an error exists
in the Fast Communications Manager (FCM) that could
allow denial of service attacks. (CVE-2013-4032 /

- An unspecified error exists that can allow an attacker
to gain SELECT, INSERT, UPDATE, or DELETE permissions to
database tables. Note that successful exploitation
requires the rights EXPLAIN, SQLADM, or DBADM.
(CVE-2013-4033 / IC94757)

See also :

Solution :

Apply IBM DB2 Version 10.1 Fix Pack 3 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 70456 ()

Bugtraq ID: 62018

CVE ID: CVE-2013-4032