IBM DB2 Universal Database Server 8.2 Prior To Fixpak 17 Multiple Vulnerabilities

IBM DB2 Universal Database Server is prone to multiple vulnerabilities:

- A remote denial-of-service issue related to CONNECT / ATTACH processing.
- An unspecified vulnerability in the DB2FMP process.
- A remote denial-of-service issue in DB2JDS.
- The DB2FMP process executes with system privileges under Windows.

An attacker may exploit these issues to deny service to legitimate users. Other attacks may also be possible.

The CONNECT / ATTACH issue may be related to the issue discussed in BID 27870 (IBM DB2 Universal Database Multiple Vulnerabilities).

Very few details are available regarding these issues. We will update this BID as more information emerges.

These issues affect versions prior to IBM DB2 Universal Database Server 8.2 Fixpak 17.


Privacy Statement
Copyright 2010, SecurityFocus