Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3856

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3856
Last Modified 12 Aug 2009 12:00:00
Published 28 Aug 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3856

Summary

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.

Vulnerable Systems

Application

  • Ibm Db2 Universal Database 8

  • Ibm Db2 Universal Database 8.0

  • Ibm Db2 Universal Database 9.1


References

BID - 29601

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21255607

AIXAPAR - IZ20352

AIXAPAR - IZ19155

XF - ibm-db2-infrastructure-unspecified(45140)

BID - 31058

AIXAPAR - IZ20350

SECUNIA - 31787

SECUNIA - 29784

CONFIRM - ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

CONFIRM - ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT


Last Updated: 27 May 2016 10:48:19