Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.901156 |
Categoría: | Databases |
Título: | IBM Db2 Multiple Security Bypass Vulnerabilities |
Resumen: | IBM Db2 is prone to multiple security bypass vulnerabilities. |
Descripción: | Summary: IBM Db2 is prone to multiple security bypass vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An error in the application while revoking privileges on a database object from the 'PUBLIC' group, which does not mark the dependent functions as 'INVALID'. - An error in the application while compiling a compound SQL statement with an 'update' statement can be exploited by an unprivileged user to execute the query from the dynamic SQL cache. Vulnerability Impact: Successful exploitation will allow attackers to bypass security restrictions. Affected Software/OS: IBM Db2 versions prior to 9.7 Fix Pack 3. Solution: Upgrade to IBM Db2 version 9.7 Fix Pack 3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
Referencia Cruzada: |
BugTraq ID: 43291 Common Vulnerability Exposure (CVE) ID: CVE-2010-3474 AIX APAR: IC68015 http://www-01.ibm.com/support/docview.wss?uid=swg1IC68015 http://www.securityfocus.com/bid/43291 http://osvdb.org/68121 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14669 http://www.securitytracker.com/id?1024457 http://secunia.com/advisories/41444 http://www.vupen.com/english/advisories/2010/2425 XForce ISS Database: ibm-db2-public-security-bypass(61872) https://exchange.xforce.ibmcloud.com/vulnerabilities/61872 Common Vulnerability Exposure (CVE) ID: CVE-2010-3475 AIX APAR: IC70406 http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406 http://osvdb.org/68122 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609 http://www.securitytracker.com/id?1024458 XForce ISS Database: ibm-db2-sql-security-bypass(61873) https://exchange.xforce.ibmcloud.com/vulnerabilities/61873 |
Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |