Reported July 12, 2001, by Gilles Lami.
IBM’s DB2 Universal Database for Windows 2000, Windows NT
A Denial of Service (DoS) vulnerability exists in IBM’s DB2 Universal Database server. An attacker can crash the server by establishing a Telnet connection to the ports that the services “db2ccs.exe” and “db2jds.exe” are running on (typically ports 6790 and 6789) and sending 1 byte of information.
The vendor, IBM, has acknowledged this vulnerability and will release a patch for version 7 and above.
Discovered by Gilles Lami.