Test ID:	1.3.6.1.4.1.25623.1.0.809855
Category:	Databases
Title:	IBM Db2 'monitoring' and 'audit feature' Information Disclosure Vulnerability
Summary:	IBM Db2 is prone to an information disclosure vulnerability.
Description:	Summary: IBM Db2 is prone to an information disclosure vulnerability. Vulnerability Insight: The flaw exists due to IBM Db2 stores passwords during the processing of certain SQL statements by the monitoring and audit facilities. Vulnerability Impact: Successful exploitation will allow remote authenticated users to obtain sensitive information via commands associated with these facilities. Affected Software/OS: IBM Db2 versions 9.5 through FP10, IBM Db2 versions 9.7 through FP10, IBM Db2 versions 9.8 through FP5, IBM Db2 versions 10.1 through FP4 and IBM Db2 versions 10.5 through FP5 Solution: Apply the appropriate fix CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0919 AIX APAR: IT07397 http://www-01.ibm.com/support/docview.wss?uid=swg1IT07397 AIX APAR: IT07547 http://www-01.ibm.com/support/docview.wss?uid=swg1IT07547 AIX APAR: IT07552 http://www-01.ibm.com/support/docview.wss?uid=swg1IT07552 AIX APAR: IT07553 http://www-01.ibm.com/support/docview.wss?uid=swg1IT07553 AIX APAR: IT07554 http://www-01.ibm.com/support/docview.wss?uid=swg1IT07554 BugTraq ID: 74217 http://www.securityfocus.com/bid/74217 http://www.securitytracker.com/id/1032247
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.