SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Database)  >   IBM DB2 Vendors:   IBM
IBM DB2 Scalar Function Bugs Let Remote Authenticated Users Deny Service
SecurityTracker Alert ID:  1032882
SecurityTracker URL:  http://securitytracker.com/id/1032882
CVE Reference:   CVE-2015-0157   (Links to External Site)
Date:  Jul 14 2015
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.7, 9.8, 10.1, 10.5
Description:   A vulnerability was reported in IBM DB2. A remote authenticated user can cause the target service to crash.

A remote authenticated user can run a specially crafted SQL statement that invokes certain scalar functions to cause the target DB2 server to crash.

The server must be restarted to return to normal operations.

Igor Kopylenko of McAfee reported this vulnerability.

Impact:   A remote authenticated user can cause the target service to crash.
Solution:   The vendor has issued a fix.

For 9.7: APAR IT07103
For 9.8: APAR IT07107
For 10.1: 10.1 FP5, APAR IT07108
For 10.5: IT07109

The vendor's advisory is available at:

https://www-304.ibm.com/support/docview.wss?uid=swg21697987

Vendor URL:  www-304.ibm.com/support/docview.wss?uid=swg21697987 (Links to External Site)
Cause:   Not specified
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 30 2015 (IBM Issues Fix for IBM InfoSphere BigInsights) IBM DB2 Scalar Function Bugs Let Remote Authenticated Users Deny Service
IBM has issued a fix for IBM InfoSphere BigInsights.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC