Latest versionsfixlist
11.1.0.7 FixList
10.5.0.9 FixList
10.1.0.6 FixList
9.8.0.5 FixList
9.7.0.11 FixList
9.5.0.10 FixList
9.1.0.12 FixList
Have problems? - contact us.
Register for free anmeldung-x26
Contact form kontakt-x26

DB2 - Problem description

Problem IC69986 Status: Closed

SECURITY: REMOTE BUFFER OVERFLOW VULNERABILITY IN DB2
ADMINISTRATIVE SERVER

product:
DB2 FOR LUW / DB2FORLUW / 910 - DB2
Problem description:
There exists a buffer overflow vulnerability with the DB2 
Administrative Server (DAS). The vulnerability can cause a trap 
in DAS, causing a denial of service, or can lead to an 
escalation of privileges. 
 
This vulnerability does not affect the DB2 server. 
 
This problem was reported to IBM by an anonymous researcher 
working with TippingPoint's Zero Day Initiative 
(http://www.zerodayinitiative.com)
Problem Summary:
**************************************************************** 
* USERS AFFECTED:                                              * 
* Users of the DB2 Administrative Server.                      * 
**************************************************************** 
* PROBLEM DESCRIPTION:                                         * 
* See Error Description.                                       * 
**************************************************************** 
* RECOMMENDATION:                                              * 
* Upgrade to DB2 Version 9.1 Fix Pack 10 or do not start DAS   * 
* if DAS is not needed.                                        * 
****************************************************************
Local Fix:
If you are not using DAS, ensure that DAS is not started.
available fix packs:
DB2 Version 9.1 Fix Pack 11  for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 12  for Linux, UNIX and Windows

Solution
The problem was first fixed in DB2 Version 9.1 Fix Pack 10.
Workaround
See Local Fix.
BUG-Tracking
forerunner  : APAR is sysrouted TO one or more of the following: IC70538 IC70539 IC71979 
follow-up : 
Timestamps
Date  - problem reported    :
Date  - problem closed      :
Date  - last modified       :
16.07.2010
27.01.2011
27.01.2011
Problem solved at the following versions (IBM BugInfos)
9.1.FP10
Problem solved according to the fixlist(s) of the following version(s)
9.1.0.10 FixList
This site uses cookies to make it easier for us to provide you with our services. By using our site you agree to the use of cookies.