IBM DB2 9.1 < 9.1 Fix Pack 7 Information Disclosure

Medium Nessus Network Monitor Plugin ID 5006


The remote IBM DB2 database server is affected by an information disclosure vulnerability.


According to its version, the installed version of IBM DB2 server is older than 9.1 Fix Pack 7. Such versions are reportedly affected by an information disclosure vulnerability. Specifically, in certain situations an INNER JOIN predicate is applied before the OUTER JOIN predicate, which could result in disclosure of sensitive information. (JR31886).


Apply IBM DB2 Version 9.1 Fix Pack 7 or higher.

See Also;uid=swg21255607#7

Plugin Details

Severity: Medium

ID: 5006

File Name: 5006.prm

Family: Database

Published: 2004/08/18

Modified: 2016/10/18

Dependencies: 9531

Nessus ID: 36216

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 4.9


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Reference Information

CVE: CVE-2009-1239

BID: 34650