How to Buy
This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
According to its version, the installation of IBM DB2 8.1 running on
the remote host is affected by one or more of the following issues :
- A local attacker may be able to gain write access to an
arbitrary file using DAS, which could lead to gaining
root privileges. (IZ34149)
- It may be possible to crash the server by sending
specially crafted packets to the 'DB2JDS' service.
- The security component in UNIX installs is affected
by a private memory leak. (IZ35635)
- The 'DASAUTO' command can be run by a non-privileged
See also :
Apply IBM DB2 UDB version 8.1 Fix Pack 18 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false
Nessus Plugin ID: 40662 (db2_81fp18.nasl)
Bugtraq ID: 36059
CVE ID: CVE-2009-2858CVE-2009-2859CVE-2009-2860
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.