http://intevydis.blogspot.com/2010/01/ibm-db2-97-kuddb2-dos.html

38018

IC68762

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

oval:org.mitre.oval:def:14289

Versions of IBM DB2 9.7 earlier than Fix Pack 2 are potentially affected by multiple vulnerabilities :

  -  If the database configuration parameter 'AUTO_REVAL' is set to 'IMMEDIATE', system granted privileges are note regenerated. (IC67008)
 - 'Monitor Administrative Views' available in the SYSIBMADM schema are publicly viewable. (IC67819)
 - A weakness in the SSL v3 / TLS protocol involving session renegotiation may allow an attacker to inject an arbitrary amount of plaintext into the beginning of the application protocol stream, which could facilitate man-in-the-middle attacks. (IC68055)
 - By sending a specially crafted packet to Tivoli Monitoring Agent (KUDDB2) listening on TCP port 6014, it may be possible to trigger a denial of service condition. (IC68762)

According to its version, the installation of IBM DB2 9.7 running on the remote host is affected by one or more of the following issues :

  - The 'MODIFIED SQL DATA' table function is not dropped     when a definer loses required privileges to maintain     the objects. (IC63548)

  - A privilege escalation vulnerability exists in the     DB2STST program (on Linux and Unix platforms only).     (IC65742)

  - A malicious user could use the DB2DART program to     overwrite files owned by the instance owner. (IC65762)

  - The scalar function REPEAT contains a buffer overflow     that a malicious user with a valid database connection     could manipulate, causing the DB2 server to trap.     (IC65935)

  - Special group and user enumeration operation on the DB2     server or DB2 Administrator Server (DAS) could trap     when running on Windows 2008. (IC66643)

  - It is possible to execute non-DDL statements even after     an user's DBADM authority has been revoked. (IC66815)

  - If the database configuration parameter 'AUTO_REVAL' is     set to 'IMMEDIATE', system granted privileges are not     regenerated. (IC67008)

  - 'Monitor Administrative Views' available in SYSIBMADM     schema are publicly viewable. (IC67819)

  - A weakness in the SSL v3 / TLS protocol involving     session renegotiation may allow an attacker to inject     an arbitrary amount of plaintext into the beginning of     the application protocol stream, which could facilitate     man-in-the-middle attacks. (IC68055)

  - By sending a specially crafted packet to the Tivoli     Monitoring Agent (KUDDB2), which listens on TCP port     6014 by default, it may be possible to trigger a denial     of service condition. (IC68762)

ID	Name	Product	Family	Severity
5556	IBM DB2 9.7 < 9.7 Fix Pack 2 Multiple Vulnerabilities	Nessus Network Monitor	Database	medium
46766	IBM DB2 9.7 < Fix Pack 2 Multiple Vulnerabilities	Nessus	Databases	medium

CVE-2010-0472

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Tenable Plugins

medium

medium