 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.801930 |
| Kategorie: | Databases |
| Titel: | IBM Db2 Multiple Security Bypass Vulnerabilities (May 2011) |
| Zusammenfassung: | IBM Db2 is prone to multiple security bypass vulnerabilities. |
| Beschreibung: | Summary: IBM Db2 is prone to multiple security bypass vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An access validation error which could allow users to update statistics for tables without appropriate privileges. - An error when revoking role memberships, which could result in a user continuing to have privileges to execute a non-DDL statement after role membership has been revoked from its group. Vulnerability Impact: Successful exploitation will allow attackers to bypass security restrictions, gain knowledge of sensitive information or cause a denial of service. Affected Software/OS: IBM Db2 versions prior to 9.5 Fix Pack 7 and prior to 9.7 Fix Pack 4 Solution: Update Db2 to 9.5 Fix Pack 7, 9.7 Fix Pack 4, or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1846 AIX APAR: IC71263 http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263 AIX APAR: IC71375 http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375 BugTraq ID: 47525 http://www.securityfocus.com/bid/47525 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688 http://secunia.com/advisories/44229 http://www.vupen.com/english/advisories/2011/1083 XForce ISS Database: db2-data-services-sec-bypass(66980) https://exchange.xforce.ibmcloud.com/vulnerabilities/66980 Common Vulnerability Exposure (CVE) ID: CVE-2011-1847 AIX APAR: IC71413 http://www-01.ibm.com/support/docview.wss?uid=swg1IC71413 AIX APAR: IC72119 http://www-01.ibm.com/support/docview.wss?uid=swg1IC72119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14122 XForce ISS Database: ibm-db2-rds-sec-bypass(66979) https://exchange.xforce.ibmcloud.com/vulnerabilities/66979 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |