Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.811693
Categoría:Databases
Título:IBM Db2 Multiple Privilege Escalation Vulnerabilities
Resumen:IBM DB2 is prone to multiple privilege escalation vulnerabilities.
Descripción:Summary:
IBM DB2 is prone to multiple privilege escalation vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An unauthorized command that allows the database to be activated when authentication type is CLIENT.

- Multiple errors in validating privileges of local users.

Vulnerability Impact:
Successful exploitation will allow attacker
to obtain root access and a user without proper authority can activate database.

Affected Software/OS:
IBM Db2 versions 9.7 before 9.7 FP11, 10.1 before 10.1 FP6, 10.5 before
10.5 FP8 and 11.1.2.2 before 11.1.2.2 FP2.

Solution:
Apply the appropriate fix from reference links

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: BugTraq ID: 100684
BugTraq ID: 100690
BugTraq ID: 100698
BugTraq ID: 100685
Common Vulnerability Exposure (CVE) ID: CVE-2017-1520
http://www.securityfocus.com/bid/100684
https://exchange.xforce.ibmcloud.com/vulnerabilities/129830
http://www.securitytracker.com/id/1039308
Common Vulnerability Exposure (CVE) ID: CVE-2017-1451
http://www.securityfocus.com/bid/100690
https://exchange.xforce.ibmcloud.com/vulnerabilities/128178
http://www.securitytracker.com/id/1039301
Common Vulnerability Exposure (CVE) ID: CVE-2017-1452
http://www.securityfocus.com/bid/100698
https://exchange.xforce.ibmcloud.com/vulnerabilities/128180
http://www.securitytracker.com/id/1039299
Common Vulnerability Exposure (CVE) ID: CVE-2017-1439
https://exchange.xforce.ibmcloud.com/vulnerabilities/128058
Common Vulnerability Exposure (CVE) ID: CVE-2017-1438
http://www.securityfocus.com/bid/100685
https://exchange.xforce.ibmcloud.com/vulnerabilities/128057
http://www.securitytracker.com/id/1039300
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.