DB2 9.7 < Fix Pack 2 Multiple Vulnerabilities

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote database server is affected by multiple issues.

Description :

According to its version, the installation of DB2 9.7 on the remote
host is affected by one or more of the following issues :

- The 'MODIFIED SQL DATA' table function is not dropped
when a definer loses required privileges to maintain
the objects. (IC63548)

- A privilege escalation vulnerability exists in the
DB2STST program (on Linux and Unix platforms only).
(IC65742)

- A malicious user could use the DB2DART program to
overwrite files owned by the instance owner. (IC65762)

- The scalar function REPEAT contains a buffer overflow
that a malicious user with a valid database connection
could manipulate, causing the DB2 server to trap.
(IC65935)

- Special group and user enumeration operation on the DB2
server or DB2 Administrator Server (DAS) could trap
when running on Windows 2008. (IC66643)

- It is possible to execute non-DDL statements even after
an user's DBADM authority has been revoked. (IC66815)

- If the database configuration parameter 'AUTO_REVAL' is
set to 'IMMEDIATE', system granted privileges are not
regenerated. (IC67008)

- 'Monitor Administrative Views' available in SYSIBMADM
schema are publicly viewable. (IC67819)

- A weakness in the SSL v3 / TLS protocol involving
session renegotiation may allow an attacker to inject
an arbitrary amount of plaintext into the beginning of
the application protocol stream, which could facilitate
man-in-the-middle attacks. (IC68055)

- By sending a specially crafted packet to the Tivoli
Monitoring Agent (KUDDB2), which listens on TCP port
6014 by default, it may be possible to trigger a denial
of service condition. (IC68762)

See also :

http://intevydis.blogspot.com/2010/01/ibm-db2-97-kuddb2-dos.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IC63548
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65742
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65762
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65935
http://www-01.ibm.com/support/docview.wss?uid=swg1IC66643
http://www-01.ibm.com/support/docview.wss?uid=swg1IC66815
http://www-01.ibm.com/support/docview.wss?uid=swg1IC67008
http://www-01.ibm.com/support/docview.wss?uid=swg1IC67819
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68762
http://www-01.ibm.com/support/docview.wss?uid=swg21432298

Solution :

Apply DB2 Version 9.7 Fix Pack 2 or later.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false