Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3959

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-3959
Last Modified 06 Feb 2009 01:58:58
Published 10 Sep 2008 09:13:47
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3959

Summary

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.

Vulnerable Systems

Application

  • Ibm Db2 8.1

  • Ibm Db2 8.2


References

AIXAPAR - IZ05043

XF - ibm-db2-connect-attach-dos2(45134)

MISC - http://www.appsecinc.com/resources/alerts/db2/2008-01.shtml

SECUNIA - 29022


Last Updated: 27 May 2016 10:48:22