Test ID:	1.3.6.1.4.1.25623.1.0.801504
Category:	Databases
Title:	IBM Db2 SYSIBMADM Multiple Vulnerabilities (Sep 2010)
Summary:	IBM DB2 is prone to multiple vulnerabilities.
Description:	Summary: IBM DB2 is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An erron in the handling of 'SYSIBMADM' schema. It does not perform the expected access control on the monitor administrative, which allows attackers to obtain sensitive information via unspecified vectors. - An erron in the handling of 'AUTO_REVAL' when AUTO_REVAL is IMMEDIATE, which allows remote authenticated users to cause a denial of service. Vulnerability Impact: Successful exploitation will allow attackers to bypass security restrictions, gain knowledge of sensitive information or cause a denial of service. Affected Software/OS: IBM Db2 versions prior to 9.7 Fix Pack 2. Solution: Update Db2 version 9.7 Fix Pack 2. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3196 AIX APAR: IC67008 http://www-01.ibm.com/support/docview.wss?uid=swg1IC67008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14472 Common Vulnerability Exposure (CVE) ID: CVE-2010-3197 AIX APAR: IC67819 http://www-01.ibm.com/support/docview.wss?uid=swg1IC67819 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14430
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.