Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4061

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2011-4061
Last Modified 13 Feb 2012 11:09:38
Published 17 Oct 2011 09:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4061

Summary

Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header.

Vulnerable Systems

Application

  • Ibm Db2 9.7

  • Ibm Tivoli Monitoring For Databases


References

BID - 48514

BUGTRAQ - 20110629 Breaking the links: Exploiting the linker

MISC - http://www.nth-dimension.org.uk/downloads.php?id=83

MISC - http://www.nth-dimension.org.uk/downloads.php?id=77

SREASON - 8476


Last Updated: 27 May 2016 10:58:15