This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
According to its version, the installation of IBM DB2 10.5 running on
the remote host is prior to Fix Pack 8. It is, therefore, affected by
the following vulnerabilities :
- A denial of service vulnerability exists in the
SQLNP_SCOPE_TRIAL() function due to improper handling of
SQL statements. An authenticated, remote attacker can
exploit this to crash the database. (VulnDB 144371)
- A denial of service vulnerability exists in the Query
Compiler QGM due to improper handling of specific
queries. An authenticated, remote attacker can exploit
this, via a specially crafted query, to crash the
database. (VulnDB 144373)
See also :
Apply IBM DB2 version 10.5 Fix Pack 8 or later.
Risk factor :
Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.3
Public Exploit Available : true
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now