This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.
The remote database server is affected by multiple issues.
The installation of DB2 9.5 on the remote host does not have any Fix
Packs applied and thus is affected by one or more of the following
- There is a security vulnerability in the 'NNSTAT'
procedure on Windows platforms only that allows low-
privileged users to overwrite arbitrary files
- There is a security vulnerability in the
'SYSPROC.ADMIN_SP_C' procedure on Windows platforms
that allows users to load arbitrary library and
execute arbitrary code in the system (IZ10917).
- An unspecified vulnerability affects 'DB2WATCH' and
'DB2FREEZE' on Solaris platforms (IZ12994).
- An authenticated, remote user can cause the DB2 instance
to crash by passing specially crafted parameters to
the 'RECOVERJAR' and 'REMOVE_JAR' procedures (IZ15496).
- There is an internal buffer overflow vulnerability in
the DAS process that could allow arbitrary code
execution on the affected host (IZ12406).
- A local attacker can create arbitrary files as root
on Unix and Linux platforms using symlinks to the
'.dasRecoveryIndex.lock', and 'dasRecoveryIndex.cor'
files during initialization (IZ12798).
- There are possible buffer overflows involving 'XQUERY',
'XMLQUERY', 'XMLEXISTS', and 'XMLTABLE' (IZ18431).
- There is a security vulnerability related to a
failure to switch the owner of the 'db2fmp' process
affecting Unix and Linux platforms (IZ19155).
- When a memory dump occurs, the password used to connect
to the database remains visible in plaintext in the
memory dump file (JR28314).
- The CLR stored procedure deployment feature of IBM
Database Add-Ins for Visual Studio can be used to
escalate privileges or launch a denial of service
attack against a DB2 server (JR28431).
See also :
Apply DB2 Version 9.5 Fix Pack 1.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false
Nessus Plugin ID: 33763 (db2_95fp1.nasl)
Bugtraq ID: 288352883628843
CVE ID: CVE-2008-1966CVE-2008-1997CVE-2008-1998CVE-2008-3852CVE-2008-3854
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.