How to Buy
This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
The installation of IBM DB2 9.5 running on the remote host does not
have Fix Pack 2 applied. It is, therefore, affected by the following
- DB2 does not mark inoperative or drop views and triggers
if the definer cannot maintain the objects (IZ22307).
- Password-related connection string keyword values may
appear in trace output (IZ28489).
- There is an unspecified vulnerability in the way CLR
Stored Procedures for Visual Studio from IBM database
add-ins are deployed (JR28431).
- There is an unspecified buffer overflow in DAS server
- INSTALL_JAR can be used to create or overwrite critical
files on a system (IZ22143).
- On Windows, the db2fmp process is running with OS
See also :
Apply IBM DB2 version 9.5 Fix Pack 2.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false
Nessus Plugin ID: 34056 (db2_95fp2.nasl)
Bugtraq ID: 308593540835409
CVE ID: CVE-2008-2154CVE-2008-3852CVE-2008-4693CVE-2008-4692CVE-2008-6821
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.