IBM DB2 9.5 < 9.5 Fix Pack 1 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 4612
The remote IBM DB2 database server is affected by multiple attack vectors.
The installation of IBM DB2 on the remote host 9.5 is prior to Fix Pack 1 and is affected by one or more of the following vulnerabilities : - There is a security vulnerability in the 'NNSTAT' procedure on Windows platforms that allows low-privileged users to overwrite arbitrary files (IZ10776) - There is a security vulnerability in the 'SYSPROC.ADMIN_SP_C' procedure on Windows platforms that allows users to load arbitrary libraries and execute arbitrary code in the system (IZ10917) - An unspecified vulnerability affects 'DB2WATCH' and 'DB2FREEZE' on Solaris platforms (IZ12994) - A flaw exists as the db2ls command creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the FILE file to cause the program to unexpectedly write to any file on the system. (IZ14939) - An authenticated remote user can cause the DB2 instance to crash by passing specially crafted parameters to the 'RECOVERJAR' and 'REMOVE_JAR' procedures (IZ15496) - There is an internal buffer overflow vulnerability in the DAS process that could allow arbitrary code execution on the affected host (IZ12406) - A local attacker can create arbitrary files as root on Unix and Linux platforms using symlinks to the 'dasRecoveryIndex', 'dasRecoveryIndex.tmp', '.dasRecoveryIndex.lock', and 'dasRecoveryIndex.cor' files during initialization (IZ12798) - There is a security vulnerability related to a failure to switch the owner of the 'db2fmp' process affecting Unix and Linux platforms (IZ19155) - When a memory dump occurs, the password used to connect to the database remains visible in clear text in memory (JR28314)