IBM DB2 10.5 < FP8 Special Build 36828 / < FP2 Special Build 36792 Multiple Vulnerabilities (Windows)

Medium Nessus Plugin ID 103254


The remote database server is affected by multiple vulnerabilities.


According to its version, the installation of IBM DB2 running on the remote host is either 10.5 prior to fix pack 8 Special Build 36828, or prior to fix pack 2 Special Build 36792. It is, therefore, affected by multiple vulnerabilities related to denial of service and possible exposure of highly sensitive information as described in the advisories.

Note: swg22005740 only affects


Apply the appropriate IBM DB2 Connect Special Build based on the most recent fix pack level for your branch.

See Also

Plugin Details

Severity: Medium

ID: 103254

File Name: db2_connect_1112fp2_36792_win.nasl

Version: $Revision: 1.3 $

Type: local

Agent: windows

Family: Windows

Published: 2017/09/15

Modified: 2017/09/18

Dependencies: 70454

Risk Information

Risk Factor: Medium


Base Score: 5.4

Temporal Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/a:ibm:db2_connect

Required KB Items: SMB/db2_connect/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2017/09/07

Vulnerability Publication Date: 2017/09/07

Reference Information

CVE: CVE-2017-1434, CVE-2017-1519

OSVDB: 164932, 164937

IAVB: 2017-B-0123