SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Application (Database)  >   IBM DB2 Vendors:   IBM
IBM DB2 Multiple Bugs Let Local Users Gain Root Privileges
SecurityTracker Alert ID:  1018581
SecurityTracker URL:  http://securitytracker.com/id/1018581
CVE Reference:   CVE-2007-4270, CVE-2007-4271, CVE-2007-4272, CVE-2007-4273, CVE-2007-4275, CVE-2007-4276   (Links to External Site)
Date:  Aug 17 2007
Impact:   Execution of arbitrary code via local system, Modification of system information, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): V9 prior to Fix Pack 3, V8 prior to FixPak 15
Description:   Several vulnerabilities were reported in IBM DB2. A local user can obtain elevated privileges on the target system.

A local user can create a symbolic link (symlink) from a critical file on the system to files used by DB2 after DB2 has checked to see if a symlink exists and before the symlinked file is processed to modify arbitrary files with root privileges [CVE-2007-4270].

A local user can modify a certain environment variable to trigger a directory traversal flaw and cause some DB2 binaries to create arbitrary files on the target system [CVE-2007-4271].

A local user can set certain combinations of environment variables to cause some DB2 binaries to create arbitrary files on the target system or append to arbitrary files [CVE-2007-4272].

A local user can cause certain DB2 binaries to create world-writable directories [CVE-2007-4273].

A local user can exploit search path vulnerabilities to cause DB2 to load an alternate binary or library [CVE-2007-4275].

A local user can set an environment variable to a specially crafted value to trigger a stack overflow and execute arbitrary code [CVE-2007-4276].

The vendor was notified on March 22 and 23, 2007.

The original advisories are available at:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583

Impact:   A local user can obtain root privileges on the target system.
Solution:   The vendor has issued fixed versions (V9 Fix Pack 3 and version V8 FixPak 15).

The IBM advisories are available at:

http://www-1.ibm.com/support/docview.wss?uid=swg21256235
http://www-1.ibm.com/support/docview.wss?uid=swg21255572

Vendor URL:  www-1.ibm.com/support/docview.wss?uid=swg21256235 (Links to External Site)
Cause:   Access control error, Boundary error, Input validation error, State error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC