Detections
Analytics
IBM DB2 10.5 < Fix Pack 8 Multiple DoS
medium Nessus Plugin ID 94899
Language:
Synopsis
The remote database server is affected by multiple vulnerabilities.Description
According to its version, the installation of IBM DB2 10.5 running on the remote host is prior to Fix Pack 8. It is, therefore, affected by the following vulnerabilities :- A denial of service vulnerability exists in the SQLNP_SCOPE_TRIAL() function due to improper handling of SQL statements. An authenticated, remote attacker can exploit this to crash the database.
- A denial of service vulnerability exists in the Query Compiler QGM due to improper handling of specific queries. An authenticated, remote attacker can exploit this, via a specially crafted query, to crash the database.
Solution
Apply IBM DB2 version 10.5 Fix Pack 8 or later.See Also
https://www-01.ibm.com/support/docview.wss?uid=swg21633303#8
Plugin Details
Severity: Medium
ID: 94899
File Name: db2_105fp8_win.nasl
Version: 1.8
Type: local
Agent: windows
Family: Windows
Published: 11/15/2016
Updated: 1/2/2019
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/a:ibm:db2
Patch Publication Date: 9/15/2016
Vulnerability Publication Date: 9/15/2010