home clear 64x64
en blue 200x116 de orange 200x116 info letter User
suche 36x36
Neueste VersionenFixList
11.1.0.7 FixList
10.5.0.9 FixList
10.1.0.6 FixList
9.8.0.5 FixList
9.7.0.11 FixList
9.5.0.10 FixList
9.1.0.12 FixList
Haben Sie Probleme? - Kontaktieren Sie uns.
Kostenlos registrieren anmeldung-x26
Kontaktformular kontakt-x26

DB2 - Problembeschreibung

Problem IC72119 Status: Geschlossen

Users able to update statistics for tables without appropriate privileges

Produkt:
DB2 FOR LUW / DB2FORLUW / 970 - DB2
Problembeschreibung:
Users are able to incorrectly update statistics columns 
in SYSSTAT.TABLES for tables upon which they do not have 
appropriate privileges.  Thus, a malicious user may be able to 
introduce query performance degradations by modifying table 
statistics via this view. 
 
Normally, in order to update the statistics for a 
table via this view, you must have CONTROL or explicit 
DATAACCESS privilege on the table.    This APAR fix addresses 
this problem.
Problem-Zusammenfassung:
**************************************************************** 
* USERS AFFECTED:                                              * 
* DB2 Version 9.7 GA through to Fix Pack 3 servers on Linux,   * 
* Unix and Windows platforms, updating                         * 
* the SYSSTAT.TABLES view.                                     * 
**************************************************************** 
* PROBLEM DESCRIPTION:                                         * 
* The view definition doesn't check for the correct user       * 
* authorization.                                               * 
**************************************************************** 
* RECOMMENDATION:                                              * 
* Apply DB2 Version 9.7 Fix Pack 4 and run db2updv97 to update * 
* the view definition text. Otherwise, please refer to the     * 
* Local Fix.                                                   * 
****************************************************************
Local-Fix:
Revoke UPDATE privilege from PUBLIC on the SYSSTAT.TABLES view 
until this APAR is applied. Namely, run: 
 
revoke update on sysstat.tables from public 
 
You may continue updating statistics with appropriate privileges 
via the SYSCAT.TABLES view if needed, which is not affected by 
this problem.
verfügbare FixPacks:
DB2 Version 9.7 Fix Pack 4 for Linux, UNIX, and Windows
 DB2 Version 9.7 Fix Pack 5 for Linux, UNIX, and Windows
 DB2 Version 9.7 Fix Pack 6 for Linux, UNIX, and Windows
 DB2 Version 9.7 Fix Pack 7 for Linux, UNIX, and Windows
 DB2 Version 9.7 Fix Pack 8 for Linux, UNIX, and Windows
 DB2 Version 9.7 Fix Pack 9 for Linux, UNIX, and Windows
 DB2 Version 9.7 Fix Pack 9a for Linux, UNIX, and Windows
 DB2 Version 9.7 Fix Pack 10 for Linux, UNIX, and Windows
Lösung
Problem is first fixed in DB2 Version 9.7 Fix Pack 4 and all 
subsequent Fix Packs.
Workaround
keiner bekannt / siehe Local-Fix
Bug-Verfolgung
Vorgänger  : APAR is sysrouted TO one or more of the following: IC72571 
Nachfolger :
Weitere Daten
Datum - Problem gemeldet    :
Datum - Problem geschlossen :
Datum - der letzten Änderung:

21.10.2010
28.04.2011
28.04.2011
Problem behoben ab folgender Versionen (IBM BugInfos)
9.7.FP4
Problem behoben lt. FixList in der Version
9.7.0.4 FixList