Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0795

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-0795
Last Modified 05 Sep 2008 04:39:25
Published 20 Oct 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0795

Summary

DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.

Vulnerable Systems

Application

  • Ibm Db2 Universal Database 8.1


References

XF - db2-rcs-gain-privileges(15420)

BID - 9821

BUGTRAQ - 20040309 IBM DB2 Remote Command Execution Privilege Upgrade (#NISR09032004)

MISC - http://www.nextgenss.com/advisories/db2rmtcmd.txt

AIXAPAR - IY53894


Last Updated: 27 May 2016 10:38:46