This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
According to its version, the installation of IBM DB2 9.7 running on
the remote host is prior Fix Pack 3. It is, therefore, affected by one
or more of the following issues :
- When privileges on a database object are revoked from
PUBLIC, the dependent functions are not marked INVALID.
As a result, users with execute privilege on the
function are still able to call it successfully.
- If a compound SQL (compiled) statement has been issued
by a user that is properly authorized, this is cached in
the dynamic SQL cache. Once cached, this same query can
be executed by any user if that user has the proper
- Multiple vulnerabilities in 'db2dasrrm' component could
allow arbitrary code execution. (IC70539 / IC72029)
See also :
Apply IBM DB2 version 9.7 Fix Pack 3 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false
Nessus Plugin ID: 50451 ()
Bugtraq ID: 432914605246077
CVE ID: CVE-2010-3474CVE-2010-3475CVE-2010-3731CVE-2011-0731
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.