Test Kennung:	1.3.6.1.4.1.25623.1.0.801588
Kategorie:	Databases
Titel:	IBM Db2 DBADM Privilege Revocation Security Bypass Vulnerability
Zusammenfassung:	IBM Db2 is prone to a security bypass vulnerability.
Beschreibung:	Summary: IBM Db2 is prone to a security bypass vulnerability. Vulnerability Insight: The flaw is due to an error in the application while revoking 'DBADM' privileges. This does not restrict users from executing non-DDL statements. Vulnerability Impact: Successful exploitation allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority. Affected Software/OS: IBM Db2 version 9.1 before FP10, version 9.5 before FP6a and version 9.7 before FP2. Solution: Upgrade to IBM Db2 version 9.1 FP10, 9.5 FP6a, 9.7 FP2 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0757 AIX APAR: IC66811 http://www.ibm.com/support/docview.wss?uid=swg1IC66811 AIX APAR: IC66814 http://www.ibm.com/support/docview.wss?uid=swg1IC66814 AIX APAR: IC66815 http://www.ibm.com/support/docview.wss?uid=swg1IC66815 BugTraq ID: 46064 http://www.securityfocus.com/bid/46064 http://osvdb.org/70773 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14295 http://secunia.com/advisories/43148 XForce ISS Database: ibm-db2-dbadm-priv-esc(65008) https://exchange.xforce.ibmcloud.com/vulnerabilities/65008
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.