IBM DB2 9.1 < 9.1 Fix Pack 2 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 3921

Synopsis

The remote IBM DB2 database server is affected by multiple vulnerabilities.

Description

According to its version, the installation of IBM DB2 9.1 on the remote host is reported to be vulnerable to a number of local flaws. The most serious of these flaws involves a local buffer overflow. An attacker exploiting these flaws would need local access to the DB2 server. Successful exploitation would result in the attacker executing arbitrary code.

Solution

Upgrade to IBM DB2 9.1 Fix Pack 2 or higher.

See Also

http://www-1.ibm.com/support/docview.wss?uid=swg21255747

Plugin Details

Severity: High

ID: 3921

File Name: 3921.prm

Family: Database

Published: 2007/02/23

Modified: 2016/11/23

Dependencies: 9531

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 8.4

Temporal Score: 7.3

Vector: CVSS3#AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2007-1086, CVE-2007-1087, CVE-2007-1088, CVE-2007-1228

BID: 22729, 22677