Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3855

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-3855
Last Modified 07 Mar 2011 10:11:31
Published 28 Aug 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-3855

Summary

Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.

Vulnerable Systems

Application

  • Ibm Db2 Universal Database 9.1


References

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21255607

XF - ibm-db2-adminserver-privilege-escalation(42932)

VUPEN - ADV-2008-1769

BID - 29601

AIXAPAR - IZ12735

SECUNIA - 30558


Last Updated: 27 May 2016 10:48:19