Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.902489
Categoría:Databases
Título:IBM Db2 'DT_RPATH' Insecure Library Loading Code Execution Vulnerabilities
Resumen:The host is running IBM Db2 and is prone to insecure library loading; vulnerabilities.
Descripción:Summary:
The host is running IBM Db2 and is prone to insecure library loading
vulnerabilities.

Vulnerability Insight:
The flaws are due to an error in 'db2rspgn' and 'kbbacf1', which allow users
to gain privileges via a Trojan horse libkbb.so in the current working directory.

Vulnerability Impact:
Successful exploitation allows local unauthenticated users to gain elevated
privileges and execute arbitrary code with root privileges.

Affected Software/OS:
IBM Db2 version 9.7

Solution:
Upgrade to version 9.7 Fix Pack 6, 10.1 Fix Pack 1, or later.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: BugTraq ID: 48514
Common Vulnerability Exposure (CVE) ID: CVE-2011-4061
http://www.securityfocus.com/bid/48514
BugTraq ID: 51181
http://www.securityfocus.com/bid/51181
Bugtraq: 20110629 Breaking the links: Exploiting the linker (Google Search)
http://www.securityfocus.com/archive/1/518659
http://www.nth-dimension.org.uk/downloads.php?id=77
http://www.nth-dimension.org.uk/downloads.php?id=83
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14063
http://securityreason.com/securityalert/8476
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.