IBM DB2 Db2pd Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

The host is installed with IBM DB2 and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will allow attacker to cause a denial of service (null pointer dereference and application crash). Impact Level: System/Application

Solution

Update IBM DB2 9.1 FP7, 9.5 FP5, http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24022678

Insight

The flaw is due to a null pointer dereference error in db2pd within the problem determination component via unspecified vectors.

Affected

IBM DB2 version 9.1 prior to FP7 IBM DB2 version 9.5 prior to FP5

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4332

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Oracle MySQL Server Component 'Optimizer' Unspecified vulnerability Oct-2013 (Windows)
MySQL Authentication Bypass
Oracle MySQL Multiple Unspecified vulnerabilities - 03 Jan14 (Windows)
IBM DB2 OLAP Specification Query Denial of Service Vulnerability
PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

IBM DB2 db2pd Denial Of Service Vulnerability (Win)

Take action and discover your vulnerabilities