Download
| Alert*
|
oval:org.secpod.oval:def:1365
IBM DB2 is installed oval:org.secpod.oval:def:5160 The host is installed with IBM DB2 9.5 before FP9 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle ITMA. Successful exploitation allows attackers to gain privileges via unknown vectors. oval:org.secpod.oval:def:5153 The host is installed with IBM DB2 9.5 before FP9 and is prone to insecure file-permissions vulnerability. A flaw is present in the application, which uses world-writable permissions for nodes.reg. Successful exploitation has unspecified impact and attack vectors. oval:org.secpod.oval:def:5162 The host is installed with IBM DB2 9.5 before FP9 and is prone to insecure file-permissions vulnerability. A flaw is present in the application, which uses world-writable permissions for nodes.reg. Successful exploitation has unspecified impact and attack vectors. oval:org.secpod.oval:def:68028 The host is installed with IBM DB2 9.7 before FP11, 10.1 before FP6, 10.5 before FP11, 11.1 before FP5 and 11.5 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle unspecified vector. Successful exploitation allows a local attacker to cause a ... oval:org.secpod.oval:def:6310 The host is installed with 9.7 before FP6 or 9.8 before FP5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted request. Successful exploitation allows remote attackers to cause NULL pointer dereference, and resource consumption or d ... oval:org.secpod.oval:def:6521 The host is installed with IBM DB2 9.1 before FP12 or 9.5 through FP9 or 9.7 through FP6 or 10.1 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle Java Stored Procedure infrastructure. Successful exploitation allows remote authent ... oval:org.secpod.oval:def:6525 The host is installed with IBM DB2 9.1 before FP12 or 9.5 through FP9 or 9.7 through FP6 or 9.8 through FP5 or 10.1 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle the GET_WRAP_CFG_C or GET_WRAP_CFG_C2 stored procedure. Successful exploitati ... oval:org.secpod.oval:def:6524 The host is installed with IBM DB2 9.1 before FP12 or 9.5 through FP9 or 9.7 through FP6 or 9.8 through FP5 or 10.1 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle Java Stored Procedure infrastructure. Successful exploitation al ... oval:org.secpod.oval:def:6523 The host is installed with IBM DB2 9.1 before FP12 or 9.5 through FP9 or 9.7 through FP6 or 10.1 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to handle SQLJ.DB2_INSTALL_JAR stored procedure. Successful exploitation allows remote attackers to re ... oval:org.secpod.oval:def:6203 The host is installed with IBM DB2 9.7 before FP6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted request. Successful exploitation allows remote attackers to cause NULL pointer dereference, and resource consumption or daemon cras ... oval:org.secpod.oval:def:6522 The host is installed with IBM DB2 9.1 before FP12 or 9.5 through FP9 or 9.7 through FP6 or 10.1 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle the GET_WRAP_CFG_C or GET_WRAP_CFG_C2 stored procedure. Successful exploitation allows attackers ... oval:org.secpod.oval:def:6526 The host is installed with IBM DB2 9.1 before FP12 or 9.5 through FP9 or 9.7 through FP6 or 9.8 through FP5 or 10.1 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to handle SQLJ.DB2_INSTALL_JAR stored procedure. Successful exploitation allows rem ... oval:org.secpod.oval:def:75403 The host is installed with IBM DB2 9.7 through FP 11, 10.1 through FP6, 10.5 through FP11, 11.1 through 11.1.4FP4 and is prone to an exposure of sensitive information to an unauthorized actor vulnerability. A flaw is present in the application which fails to handle an issue in the db2cacpy. Successf ... oval:org.secpod.oval:def:4552 The host is installed with IBM DB2 9.7 before FP3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions. Successful exploitation could allow a ... oval:org.secpod.oval:def:1364 The host is installed with IBM DB2 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly enforce privilege requirements for table access. Successful exploitation allows remote authenticated users to modify statistics columns of table SYSSTAT. oval:org.secpod.oval:def:4555 The host is installed with IBM DB2 9.7 before FP3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly enforce privilege requirements for execution of entries in the dynamic SQL cache. Successful exploitation could allow authenticated users t ... oval:org.secpod.oval:def:1366 The host is installed with IBM DB2 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle an error in the relational data services component. Successful exploitation allows remote attackers to grant users privileges after the membership has been re ... oval:org.secpod.oval:def:4553 The host is installed with IBM DB2 9.7 before FP3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly enforce privilege requirements for execution of entries in the dynamic SQL cache. Successful exploitation could allow authenticated users t ... oval:org.secpod.oval:def:4554 The host is installed with IBM DB2 9.7 before FP3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions. Successful exploitation could allow a ... oval:org.secpod.oval:def:5157 The host is installed with IBM DB2 9.5 before FP9 and is prone to denial of service vulnerability. A flaw is present in the application, which calls the XMLPARSE function with a crafted string expression. Successful exploitation allows remote attackers to deny service to legitimate users. oval:org.secpod.oval:def:5156 The host is installed with IBM DB2 9.5 before FP9 and is prone to security bypass vulnerability. A flaw is present in the application, which is caused by improper checks on variables. Successful exploitation allows remote authenticated users to bypass intended restrictions on viewing table data by l ... oval:org.secpod.oval:def:5155 The host is installed with IBM DB2 9.1 before FP11 or 9.5 before FP9 or 9.7 before FP5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted Distributed Relational Database Architecture (DRDA) request. Successful exploitation allows re ... oval:org.secpod.oval:def:5154 The host is installed with IBM DB2 9.5 before FP9 and is prone to denial of service vulnerability. A flaw is present in the application, which calls the XMLPARSE function with a crafted string expression. Successful exploitation allows remote attackers to deny service to legitimate users. oval:org.secpod.oval:def:5159 The host is installed with IBM DB2 9.5 before FP9 and is prone to security bypass vulnerability. A flaw is present in the application, which is caused by improper checks on variables. Successful exploitation allows remote authenticated users to bypass intended restrictions on viewing table data by l ... oval:org.secpod.oval:def:5158 The host is installed with IBM DB2 9.1 before FP11 or 9.5 before FP9 or 9.7 before FP5 or 9.8 before FP4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted Distributed Relational Database Architecture (DRDA) request. Successful expl ... oval:org.secpod.oval:def:5161 The host is installed with IBM DB2 9.1 through FP11 or 9.5 before FP9 or 9.7 through FP5 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which is caused by a signedness error in the db2dasrrm process. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:7512 The host is installed with IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8 or 10.1 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle SQL/PSM Stored Procedure. Successful exploitation allows remote authenticated users to execute arbitrary cod ... oval:org.secpod.oval:def:7511 The host is installed with IBM DB2 9.1, 9.5, 9.7 before FP7 or 10.1 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle SQL/PSM Stored Procedure. Successful exploitation allows remote authenticated users to execute arbitrary code by ... oval:org.secpod.oval:def:651 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to security vulnerability. A flaw is present in Net Search Extender (NSE) implementation in the Security component in IBM DB2 which uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in ... oval:org.secpod.oval:def:650 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to security vulnerability. A flaw is present in security component in IBM DB2 which logs AUDIT events by using a USERID and an AUTHID value corresponding to the instance owner, instead of a USERID and an AUTHID value corresponding t ... oval:org.secpod.oval:def:652 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 which does not properly handle an alphanumeric fuzzy search. Successful exploitation allow re ... oval:org.secpod.oval:def:648 he host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in "Query Compiler, Rewrite, Optimizer" component in IBM DB2 which fails to authenticate a crafted query involving certain UNION ALL. Successful exploitation allow remote authenti ... oval:org.secpod.oval:def:647 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in relational data services component in IBM DB2 which fails to properly handle connection when the connection concentrator is enabled. Successful exploitation allow remote authe ... oval:org.secpod.oval:def:649 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in relational data services component in IBM DB2 which fails to authenticate user-defined function, stored procedure while using a different code page than the database server. S ... oval:org.secpod.oval:def:644 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in administration server component in IBM DB2 which fails to properly handle buffer allocation. Successful exploitation allow remote attackers to cause a denial of service or pos ... oval:org.secpod.oval:def:643 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to security vulnerability. A flaw is present in install component in IBM DB2 which enforces an unintended limit on password length. Successful exploitation allow remote attackers to obtain access via a brute-force attack. oval:org.secpod.oval:def:646 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to security vulnerability. A flaw is present in engine utilities component in IBM DB2 which fails to properly handle world-writable permissions for the sqllib/cfg/db2sprf file. Successful exploitation allow local users to gain privi ... oval:org.secpod.oval:def:645 The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in DRDA Services component in IBM DB2 which fails to properly handle client CLI in executing a prepared statement with a large number of parameter markers. Successful exploitatio ... oval:org.secpod.oval:def:7151 The host is installed with IBM DB2 V10.1 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to handle the UTL_FILE module. Successful exploitation allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file ... oval:org.secpod.oval:def:19 IBM DB2 is installed oval:org.secpod.oval:def:534 The host is installed with IBM DB2 and is prone to buffer overflow vulnerability. A flaw is present in DB2 Administration Server in the application, which is caused due to a boundary error in the "receiveDASMessage()" function in db2dasrrm. Successful exploitation allows remote attackers a trap in D ... oval:org.secpod.oval:def:535 The host is installed with IBM DB2 and is prone to security bypass vulnerability. A flaw is present in the application which is caused due to an error in the application while revoking "DBADM" privileges which can lead to users still being able to execute non-DDL statements. Successful exploitation ... oval:org.secpod.oval:def:2280 The host is installed with IBM DB2 9.1 before FP10 or 9.5 before FP7 or 9.7 before FP3 and is prone to buffer overflow vulnerability. A flaw is present in the DB2 Administration Server (DAS) component of the application, which is caused due to a boundary error in the "receiveDASMessage()" function i ... oval:org.secpod.oval:def:2281 The host is installed with IBM DB2 9.1 before FP10 or 9.5 before FP6a or 9.7 before FP2 and is prone to security bypass vulnerability. A flaw is present in the application, which is caused due to an error in the application while revoking "DBADM" privileges which can lead to users still being able t ... oval:org.secpod.oval:def:640 The host is installed with IBM DB2 9.1 before FP9 or 9.5 before FP6 or 9.7 before FP2 and is prone to Unspecified vulnerability. A flaw is present in the DB2STST program in the application which fails to avoid unspecified error within DB2STST. Successful exploitation allow attackers to have unknown ... oval:org.secpod.oval:def:642 The host is installed with IBM DB2 9.1 before FP9 or 9.5 before FP6a or 9.7 before FP2 and is prone to Heap-based buffer overflow vulnerability. A flaw is present in the application which does not properly handle bounds check. Successful exploitation allow remote attacker could overflow a buffer and ... oval:org.secpod.oval:def:840 The host is installed with IBM DB2 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly enforce privilege requirements for table access. Successful exploitation allows remote authenticated users to modify SYSSTAT.TABLES statistics columns. oval:org.secpod.oval:def:641 The host is installed with IBM DB2 9.1 before FP9 and is prone to Denial of service vulnerability. A flaw is present in the REPEAT function in the application which fails to avoid buffer overflow error. Successful exploitation allow remote authenticated attacker could exploit this vulnerability to o ... oval:org.secpod.oval:def:637 The host is installed with IBM DB2 9.7 before FP2 and is prone to denial of service vulnerability. A flaw is present in AUTO_REVAL database configuration parameter in the application which fails to handle an error during special group and user enumeration. Successful exploitation allows an attacker ... oval:org.secpod.oval:def:636 The host is installed with IBM DB2 9.7 before FP2 and is prone to security vulnerability. A flaw is present in the SYSIBMADM schema in the application which does not perform the expected access control on the monitor administrative views. Successful exploitation allow remote attackers can obtain sen ... oval:org.secpod.oval:def:639 The host is installed with IBM DB2 9.1 before FP9 or 9.5 before FP6 or 9.7 before FP2 and is prone to Privilege escalation vulnerability. A flaw is present in the DB2DART tool in the application which fails to avoid unspecified error in the DB2DART tool. Successful exploitation allows an attacker co ... oval:org.secpod.oval:def:638 The host is installed with IBM DB2 9.1 before FP9 or 9.5 before FP6 or 9.7 before FP2 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle an error during special group and user enumeration. Successful exploitation allows an attacker could rap t ... oval:org.secpod.oval:def:8078 The host is installed with IBM DB2 9.7 before FP6 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly handle the XML files. Successful exploitation allows remote authenticated users to read arbitrary XML files via unknown vectors. oval:org.secpod.oval:def:8079 The host is installed with IBM DB2 9.7 before FP6 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly handle the XML files. Successful exploitation allows remote authenticated users to read arbitrary XML files via unknown vectors. oval:org.secpod.oval:def:839 The host is installed with IBM DB2 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle an error in the relational data services component. Successful exploitation allows remote attackers to grant users privileges after the membership has been re ... oval:org.secpod.oval:def:59844 The host is installed with IBM DB2 9.7 through FP11, 10.1 through FP6, 10.5 through FP10 or 11.1 before FP5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the boundary checks issue. Successful exploitation allows an authenticated ... |
