Databases : IBM Db2 SYSIBMADM Multiple Vulnerabilities (Sep 2010)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801504

Categoría: Databases

Título: IBM Db2 SYSIBMADM Multiple Vulnerabilities (Sep 2010)

Resumen: IBM DB2 is prone to multiple vulnerabilities.

Descripción: Summary:
IBM DB2 is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An erron in the handling of 'SYSIBMADM' schema. It does not perform the
expected access control on the monitor administrative, which allows
attackers to obtain sensitive information via unspecified vectors.

- An erron in the handling of 'AUTO_REVAL' when AUTO_REVAL is IMMEDIATE,
which allows remote authenticated users to cause a denial of service.

Vulnerability Impact:
Successful exploitation will allow attackers to bypass security
restrictions, gain knowledge of sensitive information or cause a denial of service.

Affected Software/OS:
IBM Db2 versions prior to 9.7 Fix Pack 2.

Solution:
Update Db2 version 9.7 Fix Pack 2.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3196
AIX APAR: IC67008
http://www-01.ibm.com/support/docview.wss?uid=swg1IC67008
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14472
Common Vulnerability Exposure (CVE) ID: CVE-2010-3197
AIX APAR: IC67819
http://www-01.ibm.com/support/docview.wss?uid=swg1IC67819
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14430

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801504
Categoría:	Databases
Título:	IBM Db2 SYSIBMADM Multiple Vulnerabilities (Sep 2010)
Resumen:	IBM DB2 is prone to multiple vulnerabilities.
Descripción:	Summary: IBM DB2 is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An erron in the handling of 'SYSIBMADM' schema. It does not perform the expected access control on the monitor administrative, which allows attackers to obtain sensitive information via unspecified vectors. - An erron in the handling of 'AUTO_REVAL' when AUTO_REVAL is IMMEDIATE, which allows remote authenticated users to cause a denial of service. Vulnerability Impact: Successful exploitation will allow attackers to bypass security restrictions, gain knowledge of sensitive information or cause a denial of service. Affected Software/OS: IBM Db2 versions prior to 9.7 Fix Pack 2. Solution: Update Db2 version 9.7 Fix Pack 2. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3196 AIX APAR: IC67008 http://www-01.ibm.com/support/docview.wss?uid=swg1IC67008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14472 Common Vulnerability Exposure (CVE) ID: CVE-2010-3197 AIX APAR: IC67819 http://www-01.ibm.com/support/docview.wss?uid=swg1IC67819 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14430
Copyright	Copyright (C) 2010 Greenbone AG