DB2 9.7 < Fix Pack 3 Multiple Vulnerabilities

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote database server is affected by multiple issues.

Description :

According to its version, the installation of DB2 9.7 on the remote
host is older than Fix Pack 3. Such versions are affected by one or
more of the following issues :

- When privileges on a database object are revoked from
PUBLIC, the dependent functions are not marked INVALID.
As a result, users with execute privilege on the
function are still able to call it successfully.
(IC68015)

- If a compound SQL (compiled) statement has been issued
by a user that is properly authorized, the statement is
cached in the dynamic SQL cache. Once cached, this same
query can be executed by any user if that user has the
proper authority. (IC70406)

- Multiple vulnerabilities in the 'db2dasrrm' component
could allow arbitrary code execution. (IC70539 / IC72029)

See also :

http://www.zerodayinitiative.com/advisories/ZDI-11-035/
http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0585.html
http://www.zerodayinitiative.com/advisories/ZDI-11-036/
http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0586.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68015
http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406
http://www-01.ibm.com/support/docview.wss?uid=swg1IC70539
http://www-01.ibm.com/support/docview.wss?uid=swg1IC72029
http://www-01.ibm.com/support/docview.wss?uid=swg21450666

Solution :

Apply DB2 Version 9.7 Fix Pack 3 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Databases

Nessus Plugin ID: 50451

Bugtraq ID: 43291, 46052, 46077

CVE ID: CVE-2010-3474, CVE-2010-3475, CVE-2010-3731, CVE-2011-0731