IBM DB2 REPEAT Buffer Overflow and TLS Renegotiation Vulnerabilities (Win)

Summary
IBM DB2 is installed on the host and is prone to buffer overflow and TLS renegotiation vulnerabilities.
Impact
Successful exploitation will allow an attacker to cause a denial of service or to bypass security restrictions.
Impact Level: System/Application
Solution
Update to IBM DB2 9.1 FP9. For updates, refer to http://www-01.ibm.com/support/docview.wss?rs=71&uid=swg27007053
Insight
The flaws are due to:
- A buffer overflow error within the scalar function 'REPEAT', which could allow malicious users to cause a vulnerable server to crash.
- An error in the 'TLS' implementation while handling session renegotiations, which can be exploited to insert arbitrary plaintext into an existing TLS session via Man-in-the-Middle (MitM) attacks.
Affected
IBM DB2 version 9.1 prior to FP9