Vulnerabilities > CVE-2004-0795 - Remote Command Server Privilege Escalation vulnerability in IBM DB2 Universal Database 8.1

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
ibm
metasploit
NVD
Published: 2004-10-20
Updated: 2017-07-11

Summary

DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.

Vulnerable Configurations

Part Description Count
Application
Ibm
1

Metasploit

descriptionThis module exploits a vulnerability in the Remote Command Server component in IBM's DB2 Universal Database 8.1. An authenticated attacker can send arbitrary commands to the DB2REMOTECMD named pipe which could lead to administrator privileges.
idMSF:AUXILIARY/ADMIN/DB2/DB2RCMD
last seen2020-05-23
modified2017-07-24
published2008-11-11
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0795
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/admin/db2/db2rcmd.rb
titleIBM DB2 db2rcmd.exe Command Execution Vulnerability

References