DB2 - Problembeschreibung
Problem IC70539 | Status: Geschlossen |
SECURITY: REMOTE BUFFER OVERFLOW VULNERABILITY IN DB2 ADMINISTRATIVE SERVER | |
Produkt: | |
DB2 FOR LUW / DB2FORLUW / 970 - DB2 | |
Problembeschreibung: | |
There exists a buffer overflow vulnerability with the DB2 Administrative Server (DAS). The vulnerability can cause a trap in DAS, causing a denial of service, or can lead to an escalation of privileges. This vulnerability does not affect the DB2 server. This problem was reported to IBM by an anonymous researcher working with TippingPoint's Zero Day Initiative (http://www.zerodayinitiative.com) | |
Problem-Zusammenfassung: | |
**************************************************************** * USERS AFFECTED: * * Users of the DB2 Administrative Server. * **************************************************************** * PROBLEM DESCRIPTION: * * See Error Description. * **************************************************************** * RECOMMENDATION: * * Upgrade to DB2 Version 9.7 Fix Pack 3 or do not start DAS if * * DAS is not needed. * **************************************************************** | |
Local-Fix: | |
If you are not using DAS, ensure that DAS is not started. | |
verfügbare FixPacks: | |
DB2 Version 9.7 Fix Pack 3 for Linux, UNIX, and Windows | |
Lösung | |
The problem was first fixed in DB2 Version 9.7 Fix Pack 3. | |
Workaround | |
See Local Fix. | |
Weitere Daten | |
Datum - Problem gemeldet : Datum - Problem geschlossen : Datum - der letzten Änderung: | 12.08.2010 27.01.2011 27.01.2011 |
Problem behoben ab folgender Versionen (IBM BugInfos) | |
9.7.FP3 | |
Problem behoben lt. FixList in der Version | |
9.7.0.3 | |
9.7.0.3 |