|
Problem IC94434
|
Status: Closed |
SECURITY: DENIAL OF SERVICE VULNERABILITY IN DB2's FAST COMMUNICATIONS MANAGER. (CVE-2013-4032) |
| product: |
DB2 FOR LUW / DB2FORLUW / A10 - DB2 |
| Problem description: |
A vulnerability in the IBM DB2 Servers could allow an
unauthenticated, remote attacker to cause a denial of service.
The vulnerability exists in the Fast Communications Manager
(FCM) which is used for communication between different nodes in
a Partitioned database and between members in a pureScale
configuration. A single node configuration is not vulnerable. |
| Problem Summary: |
****************************************************************
* USERS AFFECTED: *
* All Users *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Upgrade to DB2 v10.1 Fixpack 3 or higher *
**************************************************************** |
| Local Fix: |
|
| available fix packs: |
DB2 Version 10.1 Fix Pack 3 for Linux, UNIX, and Windows
DB2 Version 10.1 Fix Pack 4 for Linux, UNIX, and Windows
DB2 Version 10.1 Fix Pack 3a for Linux, UNIX, and Windows
DB2 Version 10.1 Fix Pack 6 for Linux, UNIX, and Windows
|
| Solution |
First fixed in DB2 v10.1 FixPack 3 |
| Workaround |
not known / see Local fix |
| BUG-Tracking |
forerunner : APAR is sysrouted TO one or more of the following: IC94939
follow-up : |
| Timestamps |
Date - problem reported :
Date - problem closed :
Date - last modified :
| 29.07.2013
02.10.2013
02.10.2013 |
| Problem solved at the following versions (IBM BugInfos) |
|
| Problem solved according to the fixlist(s) of the following version(s) |
| 10.1.0.3
|
 |
| 10.1.0.3
|
|
