PT-2009-4365 · Ibm · Ibm Db2
Publicado
2009-06-03
·
Atualizado
2017-08-17
·
CVE-2009-1905
CVSS v2.0
2.6
Baixa
| Vetor | AV:N/AC:H/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
IBM DB2 versions 8.0 through 8.0 FP16
IBM DB2 versions 9.1 through 9.1 FP6
IBM DB2 versions 9.5 through 9.5 FP3
Description:
The issue allows remote attackers to bypass password authentication and establish a database connection when LDAP security and anonymous bind are enabled.
Recommendations:
For IBM DB2 version 8, update to FP17 or later.
For IBM DB2 version 9.1, update to FP7 or later.
For IBM DB2 version 9.5, update to FP4 or later.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Db2