Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.902489 |
Categoría: | Databases |
Título: | IBM Db2 'DT_RPATH' Insecure Library Loading Code Execution Vulnerabilities |
Resumen: | The host is running IBM Db2 and is prone to insecure library loading; vulnerabilities. |
Descripción: | Summary: The host is running IBM Db2 and is prone to insecure library loading vulnerabilities. Vulnerability Insight: The flaws are due to an error in 'db2rspgn' and 'kbbacf1', which allow users to gain privileges via a Trojan horse libkbb.so in the current working directory. Vulnerability Impact: Successful exploitation allows local unauthenticated users to gain elevated privileges and execute arbitrary code with root privileges. Affected Software/OS: IBM Db2 version 9.7 Solution: Upgrade to version 9.7 Fix Pack 6, 10.1 Fix Pack 1, or later. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C |
Referencia Cruzada: |
BugTraq ID: 48514 Common Vulnerability Exposure (CVE) ID: CVE-2011-4061 http://www.securityfocus.com/bid/48514 BugTraq ID: 51181 http://www.securityfocus.com/bid/51181 Bugtraq: 20110629 Breaking the links: Exploiting the linker (Google Search) http://www.securityfocus.com/archive/1/518659 http://www.nth-dimension.org.uk/downloads.php?id=77 http://www.nth-dimension.org.uk/downloads.php?id=83 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14063 http://securityreason.com/securityalert/8476 |
Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |