This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
The installation of IBM DB2 9.5 running on the remote host does not
have any Fix Packs applied. It is, therefore, affected by one or more
of the following issues :
- There is a security vulnerability in the 'NNSTAT'
procedure, on Windows platforms only, that allows
low-privileged users to overwrite arbitrary files.
- There is a security vulnerability in the
'SYSPROC.ADMIN_SP_C' procedure on Windows platforms
that allows users to load an arbitrary library and
execute arbitrary code on the system. (IZ10917)
- An unspecified vulnerability affects 'DB2WATCH' and
'DB2FREEZE' on Solaris platforms. (IZ12994)
- An authenticated, remote user can cause the DB2 instance
to crash by passing specially crafted parameters to
the 'RECOVERJAR' and 'REMOVE_JAR' procedures. (IZ15496)
- There is an internal buffer overflow vulnerability in
the DAS process that could allow arbitrary code
execution on the affected host. (IZ12406)
- A local attacker can create arbitrary files as root
on Unix and Linux platforms using symlinks to the
'.dasRecoveryIndex.lock' and 'dasRecoveryIndex.cor'
files during initialization. (IZ12798)
- There are possible buffer overflows involving 'XQUERY',
'XMLQUERY', 'XMLEXISTS', and 'XMLTABLE'. (IZ18431)
- There is a security vulnerability related to a
failure to switch the owner of the 'db2fmp' process
affecting Unix and Linux platforms. (IZ19155)
- When a memory dump occurs, the password used to connect
to the database remains visible in plaintext in the
memory dump file. (JR28314)
- The CLR stored procedure deployment feature of IBM
Database Add-Ins for Visual Studio can be used to
escalate privileges or launch a denial of service
attack against a DB2 server. (JR28431)
See also :
Apply IBM DB2 version 9.5 Fix Pack 1.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false
Nessus Plugin ID: 33763 (db2_95fp1.nasl)
Bugtraq ID: 28835, 28836, 28843
CVE ID: CVE-2008-1966, CVE-2008-1997, CVE-2008-1998, CVE-2008-3852, CVE-2008-3854