Vulnerabilities > CVE-2001-0051 - Unspecified vulnerability in IBM DB2 Universal Database 6.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | IBM DB2 Universal Database for Linux 6.1/Windows NT 6.1 Known Default Password Vulnerability. CVE-2001-0051. Remote exploits for multiple platform |
| id | EDB-ID:20472 |
| last seen | 2016-02-02 |
| modified | 2000-12-05 |
| published | 2000-12-05 |
| reporter | benjurry |
| source | https://www.exploit-db.com/download/20472/ |
| title | IBM DB2 - Universal Database for Linux 6.1/Windows NT 6.1 Known Default Password Vulnerability |
Nessus
NASL family Default Unix Accounts NASL id ACCOUNT_DB2INST1_DB2INST1.NASL description The account last seen 2020-06-01 modified 2020-06-02 plugin id 11862 published 2003-10-01 reporter This script is Copyright (C) 2003-2018 Chris Foster source https://www.tenable.com/plugins/nessus/11862 title Default Password (db2inst) for 'db2inst1' Account code # # This script was written by Chris Foster # # # See the Nessus Scripts License for details # # Changes by Tenable # Add global_settings/supplied_logins_only script_exclude_key (06/2015) # Add exit() messages for more detailed audits # account = "db2inst1"; password = "db2inst1"; include("compat.inc"); if (description) { script_id(11862); script_version ("1.26"); script_cvs_date("Date: 2018/08/09 17:06:37"); script_cve_id("CVE-1999-0502", "CVE-2001-0051"); script_name(english:"Default Password (db2inst) for 'db2inst1' Account"); script_summary(english:"Attempts to log in to the remote host."); script_set_attribute(attribute:"synopsis", value: "The remote host has an account with a default password set."); script_set_attribute(attribute:"description", value: "The account 'db2inst1' has the password 'db2inst1'. An attacker may use this to gain further privileges on this system."); script_set_attribute(attribute:"solution", value: "Set a strong password for this account or disable it if possible."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'SSH User Code Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_publication_date", value:"2003/10/01"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"default_account", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2000/12/05"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Default Unix Accounts"); script_copyright(english:"This script is Copyright (C) 2003-2018 Chris Foster"); script_dependencies("find_service1.nasl", "ssh_detect.nasl", "account_check.nasl"); script_require_ports("Services/telnet", 23, "Services/ssh", 22); script_exclude_keys("global_settings/supplied_logins_only"); exit(0); } # # The script code starts here : # include("audit.inc"); include("default_account.inc"); include("global_settings.inc"); if (supplied_logins_only) exit(0, "Nessus is currently configured to not log in with user accounts not specified in the scan policy."); if (! thorough_tests && ! get_kb_item("Settings/test_all_accounts")) exit(0, "Neither thorough_tests nor 'Settings/test_all_accounts' is set."); affected = FALSE; ssh_ports = get_service_port_list(svc: "ssh", default:22); foreach port (ssh_ports) { port = check_account(login:account, password:password, port:port, svc:"ssh"); if (port) { affected = TRUE; security_report_v4(port:port, severity:SECURITY_HOLE, extra:default_account_report()); } } if(affected) exit(0); telnet_ports = get_service_port_list(svc: "telnet", default:23); foreach port (telnet_ports) { port = check_account(login:account, password:password, port:port, svc:"telnet"); if (port) { affected = TRUE; security_report_v4(port:port, severity:SECURITY_HOLE, extra:default_account_report()); } } if(!affected) audit(AUDIT_HOST_NOT, "affected");NASL family Default Unix Accounts NASL id ACCOUNT_DB2AS_IBMDB2.NASL description The account last seen 2020-06-01 modified 2020-06-02 plugin id 11863 published 2003-10-01 reporter This script is Copyright (C) 2003-2018 Chris Foster. source https://www.tenable.com/plugins/nessus/11863 title Default Password (ibmdb2) for 'db2as' Account code # # This script was written by Chris Foster # # # See the Nessus Scripts License for details # # Changes by Tenable # Add global_settings/supplied_logins_only script_exclude_key (06/2015) # Add exit() messages for more detailed audits # account = "db2as"; password = "ibmdb2"; include("compat.inc"); if (description) { script_id(11863); script_version ("1.33"); script_cvs_date("Date: 2018/07/25 16:19:22"); script_cve_id("CVE-1999-0502", "CVE-2001-0051"); script_bugtraq_id(2068); script_name(english:"Default Password (ibmdb2) for 'db2as' Account"); script_summary(english:"Attempts to log in to the remote host."); script_set_attribute(attribute:"synopsis", value: "The remote host has an account with a default password."); script_set_attribute(attribute:"description", value: "The account 'db2as' has the password 'ibmdb2'. An attacker may use it to gain further privileges on the system."); script_set_attribute(attribute:"solution", value: "Set a strong password for this account or disable it if possible."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:TF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:T/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"metasploit_name", value:'SSH User Code Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2000/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2003/10/01"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"default_account", value:"true"); script_end_attributes(); script_copyright(english:"This script is Copyright (C) 2003-2018 Chris Foster."); script_category(ACT_GATHER_INFO); script_family(english:"Default Unix Accounts"); script_dependencies("find_service1.nasl", "ssh_detect.nasl", "account_check.nasl"); script_require_ports("Services/telnet", 23, "Services/ssh", 22); script_exclude_keys("global_settings/supplied_logins_only"); exit(0); } # # The script code starts here : # include("audit.inc"); include("default_account.inc"); include("global_settings.inc"); if (supplied_logins_only) exit(0, "Nessus is currently configured to not log in with user accounts not specified in the scan policy."); if (! thorough_tests && ! get_kb_item("Settings/test_all_accounts")) exit(0, "Neither thorough_tests nor 'Settings/test_all_accounts' is set."); affected = FALSE; ssh_ports = get_service_port_list(svc: "ssh", default:22); foreach port (ssh_ports) { port = check_account(login:account, password:password, port:port, svc:"ssh"); if (port) { affected = TRUE; security_report_v4(port:port, severity:SECURITY_HOLE, extra:default_account_report()); } } if(affected) exit(0); telnet_ports = get_service_port_list(svc: "telnet", default:23); foreach port (telnet_ports) { port = check_account(login:account, password:password, port:port, svc:"telnet"); if (port) { affected = TRUE; security_report_v4(port:port, severity:SECURITY_HOLE, extra:default_account_report()); } } if(!affected) audit(AUDIT_HOST_NOT, "affected");NASL family Default Unix Accounts NASL id ACCOUNT_DB2INST1_IBMDB2.NASL description The account last seen 2020-06-01 modified 2020-06-02 plugin id 11859 published 2003-10-01 reporter This script is Copyright (C) 2003-2018 Chris Foster. source https://www.tenable.com/plugins/nessus/11859 title Default Password (ibmdb2) for 'db2inst1' Account NASL family Databases NASL id SMB_ACCOUNT_DB2ADMIN_DEFAULT_PASSWORD.NASL description The last seen 2020-06-01 modified 2020-06-02 plugin id 33852 published 2008-08-08 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33852 title Default Password (db2admin) for 'db2admin' Account on Windows NASL family Default Unix Accounts NASL id ACCOUNT_DB2FENC1_DB2FENC1.NASL description The account last seen 2020-06-01 modified 2020-06-02 plugin id 11860 published 2003-10-01 reporter This script is Copyright (C) 2003-2018 Chris Foster. source https://www.tenable.com/plugins/nessus/11860 title Default Password (db2fenc1) for 'db2fenc1' Account NASL family Default Unix Accounts NASL id ACCOUNT_DB2AS_DB2AS.NASL description The account last seen 2020-06-01 modified 2020-06-02 plugin id 11864 published 2003-10-01 reporter This script is Copyright (C) 2003-2018 Chris Foster. source https://www.tenable.com/plugins/nessus/11864 title Default Password (db2as) for 'db2as' Account NASL family Default Unix Accounts NASL id ACCOUNT_DB2FENC1_IBMDB2.NASL description The account last seen 2020-06-01 modified 2020-06-02 plugin id 11861 published 2003-10-01 reporter This script is Copyright (C) 2003-2018 Chris Foster. source https://www.tenable.com/plugins/nessus/11861 title Default Password (ibmdb2) for 'db2fenc1' Account