This host is running IBM DB2 and is prone to privilege escalation vulnerability.
Successful exploitation will allow attacker to gain escalated privileges and bypass certain security restrictions. Impact Level: Application
Apply the appropriate fix from below link, http://www-01.ibm.com/support/docview.wss?uid=swg21646809
The flaw is due to the program failing to limit users from the EXPLAIN authority, which will allow a remote attacker to potentially execute the SELECT, INSERT, UPDATE or DELETE DML statements with elevated privileges.
IBM DB2 versions 9.8 through FP5 on Linux.
Get the installed version of IBM DB2 with the help of detect NVT and check the version is vulnerable or not.
- Oracle MySQL Multiple Unspecified vulnerabilities-04 Oct14 (Windows)
- Oracle Database Server Multiple Information Disclosure Vulnerabilities
- IBM DB2 db2pd Denial Of Service Vulnerability (Linux)
- PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
- Oracle MySQL Multiple Unspecified vulnerabilities-03 July14 (Windows)