IBM DB2 9.7 < FP11 Special Build 35317 / 10.1 < FP5 Special Build 35316 / 10.5 < FP7 Special Build 35315 Multiple Vulnerabilities (Windows)

medium Nessus Plugin ID 91336

Synopsis

The remote database server is affected by multiple vulnerabilities.

Description

According to its version, the installation of IBM DB2 running on the remote Windows host is either 9.7 prior to fix pack 11 special build 35317, 10.1 prior to fix pack 5 special build 35316, or 10.5 prior to fix pack 7 special build 35315. It is, therefore, affected by the following vulnerabilities:

- A denial of service vulnerability exists in LUW related to the handling of DRDA messages. An authenticated, remote attacker can exploit this, via a specially crafted DRDA message, to cause the DB2 server to terminate abnormally. (CVE-2016-0211)

- A denial of service vulnerability exists in LUW when handling SELECT statements with subqueries containing the AVG OLAP function that are applied to Oracle-compatible databases. An authenticated, remote attacker can exploit this, via a specially crafted query, to cause the DB2 server to terminate abnormally. (CVE-2016-0215)

Solution

Apply the appropriate IBM DB2 special build based on the most recent fix pack level for your branch.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21979984

http://www-01.ibm.com/support/docview.wss?uid=swg21979986

Plugin Details

Severity: Medium

ID: 91336

File Name: db2_97fp11_35317_win.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 5/26/2016

Updated: 7/6/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:db2

Required KB Items: SMB/db2/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 4/7/2016

Vulnerability Publication Date: 4/7/2016

Reference Information

CVE: CVE-2016-0211, CVE-2016-0215

BID: 85979