Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

IBM DB2 Multiple Vulnerabilities (Linux)

Information

Severity

Severity

Medium

Family

Family

Databases

CVSSv2 Base

CVSSv2 Base

4.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

5 years ago

Summary

The host is installed with IBM DB2 and is prone to multiple vulnerabilities.

Insight

Insight

- An error in DRDA Services component can be exploited via an IPv6 address in the correlation token in the APPID string. - An unspecified error can be exploited to connect to DB2 databases without a valid password if ldap-based authentication is used and the LDAP server allows anonymous binds.

Affected Software

Affected Software

IBM DB2 version 8 prior to Fixpak 17 IBM DB2 version 9.1 prior to Fixpak 7 IBM DB2 version 9.5 prior to Fixpak 4

Solution

Solution

Update DB2 8 Fixpak 17 or 9.1 Fixpak 7 or 9.5 Fixpak 4 or later.

Common Vulnerabilities and Exposures (CVE)