IBM DB2 STMM Denial Of Service Vulnerability (Linux) Network Vulnerability

Summary

This host is running IBM DB2 and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attacker to allows local users to cause a denial of service (daemon crash) via unknown vectors. Impact Level: Application

Solution

Upgrade to IBM DB2 9.7 FP5 or later, For updates refer to http://www-01.ibm.com

Insight

The flaw is due an error when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured.

Affected

IBM DB2 version 9.7 before FP5 on Linux.

Detection

Get the installed version of IBM DB2 with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/77204
http://www-01.ibm.com/support/docview.wss?uid=swg1IC70473
http://xforce.iss.net/xforce/xfdb/71043

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1373
CVSS Base Score: 1.5
AV:L/AC:M/Au:S/C:N/I:N/A:P

Related Vulnerabilities

Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows)
Database Open Access Vulnerability
Oracle MySQL Multiple Unspecified vulnerabilities - 06 Jan14 (Windows)
IBM DB2 STMM Denial Of Service Vulnerability (Linux)
PostgreSQL Low Cost Function Information Disclosure Vulnerability

Take action and discover your vulnerabilities