IBM DB2 9.5 < 9.5 Fix Pack 2 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 4638


The remote IBM DB2 database server is affected by multiple vulnerabilities.


The installation of IBM DB2 9.5 on the remote host does not have Fix Pack 2 applied and is affected by multiple vulnerabilities :

- An unspecified vulnerability in the way it deploys 'CLR Stored Procedures' for Visual Studio from IBM database add-ins (JR28431). - A buffer overflow condition in the DAS server code. (IZ22188)


Apply IBM DB2 Version 9.5 Fix Pack 2 or higher.

See Also

Plugin Details

Severity: High

ID: 4638

File Name: 4638.prm

Family: Database

Published: 2008/08/29

Modified: 2016/11/23

Dependencies: 9531

Nessus ID: 34056

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 7.3

Temporal Score: 6.4


Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2008-2154, CVE-2008-6821

BID: 30859, 35408, 35409