• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IBM DB2 Windows XP Simple File Sharing Authentication Bypass Vulnerability

IBM DB2 is affected by an authentication bypass vulnerability when run on Microsoft Windows XP computers that have Simple File Sharing enabled.

This vulnerability may let attackers gain unauthorized access to the database using the Windows XP Guest account. This could be exploited with a custom client that will authenticate the attacker as the Guest account.

The researcher who discovered this issue has not provided a conclusive list of affected IBM DB2 products. For the time being, all versions that run on Windows XP are assumed to be affected. If contrary information is made available, this BID will be updated accordingly.