Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0172

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-0172
Last Modified 07 Mar 2011 10:18:01
Published 16 Jan 2009 04:30:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0172

Summary

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

Vulnerable Systems

Application

  • Ibm Db2 Universal Database 9.1

  • Ibm Db2 Universal Database 9.5


References

BID - 33258

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21363936

XF - ibm-db2-connect-stream-dos(47931)

VUPEN - ADV-2009-0137

AIXAPAR - IZ37696

SECTRACK - 1021591

SECUNIA - 33529

CONFIRM - ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

CONFIRM - ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT

CONFIRM - ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT


Last Updated: 27 May 2016 10:50:08