This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
The installation of IBM DB2 9.5 running on the remote host does not
have any Fix Packs applied. It is, therefore, affected by one or more
of the following issues :
- There is a security vulnerability in the 'NNSTAT'
procedure, on Windows platforms only, that allows
low-privileged users to overwrite arbitrary files.
- There is a security vulnerability in the
'SYSPROC.ADMIN_SP_C' procedure on Windows platforms
that allows users to load an arbitrary library and
execute arbitrary code on the system. (IZ10917)
- An unspecified vulnerability affects 'DB2WATCH' and
'DB2FREEZE' on Solaris platforms. (IZ12994)
- An authenticated, remote user can cause the DB2 instance
to crash by passing specially crafted parameters to
the 'RECOVERJAR' and 'REMOVE_JAR' procedures. (IZ15496)
- There is an internal buffer overflow vulnerability in
the DAS process that could allow arbitrary code
execution on the affected host. (IZ12406)
- A local attacker can create arbitrary files as root
on Unix and Linux platforms using symlinks to the
'.dasRecoveryIndex.lock' and 'dasRecoveryIndex.cor'
files during initialization. (IZ12798)
- There are possible buffer overflows involving 'XQUERY',
'XMLQUERY', 'XMLEXISTS', and 'XMLTABLE'. (IZ18431)
- There is a security vulnerability related to a
failure to switch the owner of the 'db2fmp' process
affecting Unix and Linux platforms. (IZ19155)
- When a memory dump occurs, the password used to connect
to the database remains visible in plaintext in the
memory dump file. (JR28314)
- The CLR stored procedure deployment feature of IBM
Database Add-Ins for Visual Studio can be used to
escalate privileges or launch a denial of service
attack against a DB2 server. (JR28431)
- A flaw exists in the db2ls command that allows a local
attacker to write to any file on the system through the
use of symbolic links. Note that this issue does not
affect Windows systems. (IZ14939)
Solution :
Apply IBM DB2 version 9.5 Fix Pack 1.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 10.0
Public Exploit Available : false
Nessus Plugin ID: 33763 (db2_95fp1.nasl)