| VID |
25042 |
| Severity |
40 |
| Port |
523 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The IBM DB2 Universal Database server, according to its version number, has multiple vulnerabilities. Multiple critical/high risk vulnerabilities have been reported in IBM DB2 Universal Database versions 7.x and 8.x, where some of the vulnerabilities can be exploited to compromise a vulnerable system.
* Note: This check solely relied on the version number of the remote DB2 Database server to assess this vulnerability, so this might be a false positive.
* References:
http://www-1.ibm.com/support/docview.wss?rs=71&context=SSEPGG&uid=swg21179535&loc=en_US&cs=utf-8&lang=en
http://www-1.ibm.com/support/docview.wss?uid=swg21181105
http://www-1.ibm.com/support/docview.wss?uid=swg21181228
http://www-1.ibm.com/support/docview.wss?uid=swg24007489
http://www-1.ibm.com/support/docview.wss?uid=swg24007670
http://www-1.ibm.com/support/docview.wss?uid=swg1IY60622
http://www.nextgenss.com/advisories/db2-01.txt
http://secunia.com/advisories/12733/
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0039.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0001.html
* Platforms Affected:
IBM DB2 UDB 7.x and 8.x
Microsoft Windows Any version
Linux Any version
Unix Any version |
| Recommendation |
For IBM DB2 7.x:
Apply the DB2 Version 7 FixPak 13, available from the IBM DB2 version 7 FixPaks Download Web page at http://www-306.ibm.com/software/data/db2/udb/support/downloadv7.html
For IBM DB2 8.x:
Apply the DB2 Version 8 FixPak 7a, available from the IBM DB2 version 8 FixPaks Download Web page at http://www-306.ibm.com/software/data/db2/udb/support/downloadv8.html |
| Related URL |
(CVE) |
| Related URL |
11405,11404,11403,11402,11401,11400,11399,11398,11397,11396 (SecurityFocus) |
| Related URL |
17608,17617,17609,17605,17613,17614,17611,17615,17610 (ISS) |
|
