IBM DB2 9.1 < 9.1 Fix Pack 7 / 9.5 < 9.5 Fix Pack 4 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 5043


The remote IBM DB2 database server is affected by multiple vulnerabilities.


According to its version, the installation of IBM DB2 9.1 / 9.5 on the remote host is affected by one or more of the following vulnerabilities :

- A denial-of-service issue when the application processes crafted IPv6 addresses in the correlation token. (IZ38874)
- A security-bypass issue exists in the application when LDAP-based authentication is used. (LI73778)


Apply IBM DB2 9.1 Fix Pack 7 or IBM DB2 9.5 Fix Pack 4 or higher

See Also

Plugin Details

Severity: Medium

ID: 5043

File Name: 5043.prm

Family: Database

Published: 2004/08/18

Modified: 2016/10/18

Dependencies: 9531

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 5.1


Temporal Vector: CVSS3#E:X/RL:O/RC:C

Reference Information

CVE: CVE-2009-1905, CVE-2009-1906

BID: 35171

OSVDB: 54912, 54913, 54914