Vulnerabilities > CVE-2009-3471 - Remote Security vulnerability in IBM DB2 8.0/9.1/9.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which has unspecified impact and remote attack vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 27 |
Nessus
NASL family Databases NASL id DB2_97FP2.NASL description According to its version, the installation of IBM DB2 9.7 running on the remote host is affected by one or more of the following issues : - The last seen 2020-06-01 modified 2020-06-02 plugin id 46766 published 2010-06-01 reporter This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46766 title IBM DB2 9.7 < Fix Pack 2 Multiple Vulnerabilities NASL family Databases NASL id DB2_9FP9.NASL description According to its version, the installation of IBM DB2 9.1 running on the remote host is affected by one or more of the following issues : - The last seen 2020-06-01 modified 2020-06-02 plugin id 46173 published 2010-04-28 reporter This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46173 title IBM DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities NASL family Databases NASL id DB2_95FP4.NASL description The IBM DB2 database server running on the remote host is prior to 9.5 Fix Pack 4. It is, therefore, affected by multiple issues : - It may be possible to connect to DB2 servers without valid passwords, provided LDAP-based authentication is used and the remote LDAP server is configured to allow anonymous binds. (JR32268) - It may be possible to trigger a denial of service condition by sending malicious last seen 2020-06-01 modified 2020-06-02 plugin id 39007 published 2009-06-03 reporter This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39007 title IBM DB2 < 9.5 Fix Pack 4 Multiple Vulnerabilities NASL family Databases NASL id DB2_95FP6.NASL description According to its version, the installation of IBM DB2 9.5 running on the remote host is prior to 9.5 Fix Pack 6. It is, therefore, affected by one or more of the following issues : - The Install component on Linux, UNIX, and Windows enforces an unintended limit on password length, which makes it easier for attackers to obtain access via a brute-force attack. (IC62856) - The Security component logs AUDIT events by using a USERID and an AUTHID value corresponding to the instance owner, instead of a USERID and an AUTHID value corresponding to the logged-in user account, which makes it easier for remote, authenticated users to execute Audit administration commands without discovery. (IC65184) - A privilege escalation vulnerability exists in the DB2STST program (on Linux and Unix platforms only). (IC65703) - A malicious user could use the DB2DART program to overwrite files owned by the instance owner. (IC65756) - The scalar function REPEAT contains a buffer overflow that a malicious user with a valid database connection could manipulate, causing the DB2 server to trap. (IC65933) - The Net Search Extender implementation in the Text Search component does not properly handle an alphanumeric Fuzzy search, which could allow a remote, authenticated user to consume memory or even hang the system via the last seen 2020-06-01 modified 2020-06-02 plugin id 49120 published 2010-09-07 reporter This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49120 title IBM DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities NASL family Databases NASL id DB2_9FP8.NASL description According to its version, the IBM DB2 server running on the remote host is prior to 9.1 Fix Pack 8. It is, therefore, affected by multiple vulnerabilities : - MODIFIED SQL DATA table function is not dropped even if the maintainer does not have privileges to maintain the objects. (IZ46773) - It may be possible for an unauthorized user to insert, update, or delete rows in a table. (IZ50078) - An user without last seen 2020-06-01 modified 2020-06-02 plugin id 42044 published 2009-10-06 reporter This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/42044 title IBM DB2 9.1 < Fix Pack 8 Multiple Vulnerabilities
References
- ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://osvdb.org/58477
- http://secunia.com/advisories/36890
- http://www.securityfocus.com/bid/36540
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC63548
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ46658
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ46773
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ46774
- http://www-01.ibm.com/support/docview.wss?uid=swg21386689
- http://www-01.ibm.com/support/docview.wss?uid=swg21403619
- http://www-01.ibm.com/support/docview.wss?uid=swg21426108
- http://www-01.ibm.com/support/docview.wss?uid=swg21432298