IBM DB2 Distributed Relational Database Architecture Request DoS Vulnerability Network Vulnerability

Summary

The host is running IBM DB2 and is prone to denial of service vulnerability.

Impact

Successful exploitation allows remote users to cause denial of service. Impact Level: Application.

Solution

Upgrade to IBM DB2 version 9.1 FP11, 9.5 FP8, 9.7 FP5, 9.8 FP4 or later, For updates refer to http://www-01.ibm.com/support/docview.wss?uid=swg27007053

Insight

The flaw is caused due an error within the server component can be exploited to cause a crash by sending a specially crafted Distributed Relational Database Architecture request.

Affected

IBM DB2 version 9.1 before FP11, IBM DB2 version 9.5 before FP9, IBM DB2 version 9.7 before FP5 and IBM DB2 version 9.8 before FP4

References

http://osvdb.org/80347
http://secunia.com/advisories/48279/
http://www-01.ibm.com/support/docview.wss?uid=swg1IC76899
http://www-01.ibm.com/support/docview.wss?uid=swg21588090
http://www-01.ibm.com/support/docview.wss?uid=swg27007053
http://xforce.iss.net/xforce/xfdb/73494

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0710
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

IBM DB2 Multiple Security Bypass Vulnerabilities
Sybase ASA Ping
Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
IBM DB2 Client Interfaces component Unspecified Vulnerabilities (Win)
MongoDB engine_v8 Denial of Service Vulnerability

Take action and discover your vulnerabilities