|
Problem IC94939
|
Status: Closed |
SECURITY: DENIAL OF SERVICE VULNERABILITY IN DB2's FAST COMMUNICATIONS MANAGER. (CVE-2013-4032) |
| product: |
DB2 FOR LUW / DB2FORLUW / A50 - DB2 |
| Problem description: |
A vulnerability in the IBM DB2 Servers could allow an
unauthenticated, remote attacker to cause a denial of service.
The vulnerability exists in the Fast Communications Manager
(FCM) which is used for communication between different nodes in
a Partitioned database and between members in a pureScale
configuration. A single node configuration is not vulnerable. |
| Problem Summary: |
****************************************************************
* USERS AFFECTED: *
* Users on DB2 V10.5 FP2 and below *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Update to 10.5.0.3 *
**************************************************************** |
| Local Fix: |
|
| available fix packs: |
DB2 Version 10.5 Fix Pack 3a for Linux, UNIX, and Windows
DB2 Version 10.5 Fix Pack 3a for Linux, UNIX, and Windows
DB2 Cancun Release 10.5.0.4 (also known as Fix Pack 4) for Linux, UNIX, and Windows
DB2 Version 10.5 Fix Pack 9 for Linux, UNIX, and Windows
|
| Solution |
Problem Fixed In 10.5.0.3 |
| Workaround |
not known / see Local fix |
| Timestamps |
Date - problem reported :
Date - problem closed :
Date - last modified :
| 15.08.2013
14.04.2014
14.04.2014 |
| Problem solved at the following versions (IBM BugInfos) |
|
| Problem solved according to the fixlist(s) of the following version(s) |
| 10.5.0.3
|
 |
| 10.5.0.3
|
|
