home clear 64x64
en blue 200x116 de orange 200x116 info letter User
suche 36x36
Neueste VersionenFixList
11.1.0.7 FixList
10.5.0.9 FixList
10.1.0.6 FixList
9.8.0.5 FixList
9.7.0.11 FixList
9.5.0.10 FixList
9.1.0.12 FixList
Haben Sie Probleme? - Kontaktieren Sie uns.
Kostenlos registrieren anmeldung-x26
Kontaktformular kontakt-x26

DB2 - Problembeschreibung

Problem IT02593 Status: Geschlossen

Security: DB2 contains a denial of service vulnerability in ALTER MODULE
statement handling. (CVE-2014-3094)

Produkt:
DB2 FOR LUW / DB2FORLUW / A10 - DB2
Problembeschreibung:
DB2 is vulnerable to a stack buffer overflow, caused by improper 
bounds checking by the handling of the ALTER MODULE statement. A 
remote attacker could overflow a buffer and execute arbitrary 
code on the system with DB2 instance owner privileges cause the 
server to crash.
Problem-Zusammenfassung:
**************************************************************** 
* USERS AFFECTED:                                              * 
* All DB2 systems on all Linux, Unix and Windows platforms at  * 
* service levels Version 10.1 GA  through to Version 10.1 Fix  * 
* Pack 4.                                                      * 
**************************************************************** 
* PROBLEM DESCRIPTION:                                         * 
* See Error Description                                        * 
**************************************************************** 
* RECOMMENDATION:                                              * 
* Upgrade to DB2 Version 10.1 Fix Pack 5.                      * 
* Refer to remediation in security bulletin:                   * 
* http://www-01.ibm.com/support/docview.wss?uid=swg21681631    * 
****************************************************************
Local-Fix:
Lösung
The complete fix for this problem first appears in DB2 Version 
10.1 Fix Pack 5.
Workaround
keiner bekannt / siehe Local-Fix
Weitere Daten
Datum - Problem gemeldet    :
Datum - Problem geschlossen :
Datum - der letzten Änderung:
16.06.2014
13.07.2015
13.07.2015
Problem behoben ab folgender Versionen (IBM BugInfos)
Problem behoben lt. FixList in der Version
10.1.0.5 FixList