Reported January 5, 2004, by NGSSoftware

VERSIONS AFFECTED

DB2 versions 8.1 and 7.x

DESCRIPTION

Multiple vulnerabilities have been discovered in IBM DB2. The vulnerabilities include numerous buffer overflow conditions, the ability to read and write files on a remote system, Denial of Service (DoS) attacks, and weak permissions on shared memory.

VENDOR RESPONSE

IBM has issued patches to correct these problems which can be obtained by downloading the latest FixPak for DB2 8.1 or DB2 7.x.

CREDIT
Discovered by Next Generation Security (NGS) Software