IBM DB2 9.7 < 9.7 Fix Pack 5 Local DoS
Low Nessus Network Monitor Plugin ID 6099
SynopsisThe remote IBM DB2 database server is vulnerable to a denial of service attack.
DescriptionVersions of IBM DB2 9.7 earlier than Fix Pack 5 are potentially affected by a local denial of service vulnerability. On Unix and Unix-like systems with both the Self Tuning Memory manager (STMM) feature enabled and the 'DATABASE_MEMORY' option set to 'AUTOMATIC', local users are able to carry out denial of service attacks via unknown vectors.
SolutionDisable automatic tuning of 'DATABASE_MEMORY' or upgrade to IBM DB2 9.7 Fix Pack 5 or higher.