|
Problem IC92498
|
Status: Geschlossen |
SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN DB2AUD AND DB2FLACC (CVE-2013-3475). |
| Produkt: |
DB2 FOR LUW / DB2FORLUW / A10 - DB2 |
| Problembeschreibung: |
The programs db2aud and db2flacc contain a stack buffer overflow
vulnerability which an attacker could exploit to gain DB2
instance owner privilege. |
| Problem-Zusammenfassung: |
****************************************************************
* USERS AFFECTED: *
* All DB2 systems on all Linux, Unix and Windows platforms at *
* service levels Version 10.1 GA through to Version 10.1 Fix *
* Pack 2. *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Upgrade to DB2 Version 10.1 Fix Pack 3. *
**************************************************************** |
| Local-Fix: |
|
| verfügbare FixPacks: |
DB2 Version 10.1 Fix Pack 3 for Linux, UNIX, and Windows
DB2 Version 10.1 Fix Pack 4 for Linux, UNIX, and Windows
DB2 Version 10.1 Fix Pack 3a for Linux, UNIX, and Windows
DB2 Version 10.1 Fix Pack 6 for Linux, UNIX, and Windows
|
| Lösung |
The complete fix for this problem first appears in DB2 Version
10.1 Fix Pack 3 and all the subsequent Fix Packs. |
| Workaround |
keiner bekannt / siehe Local-Fix |
| Weitere Daten |
Datum - Problem gemeldet :
Datum - Problem geschlossen :
Datum - der letzten Änderung:
| 22.05.2013
01.10.2013
01.10.2013 |
| Problem behoben ab folgender Versionen (IBM BugInfos) |
|
| Problem behoben lt. FixList in der Version |
| 10.1.0.3
|
 |
| 10.1.0.3
|
|
