PT-2009-2856 · Ibm · Ibm Db2
Published
2009-01-16
·
Updated
2017-08-08
·
CVE-2009-0172
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
IBM DB2 versions 8 before FP17a
IBM DB2 versions 9.1 before FP6a
IBM DB2 versions 9.5 before FP3a
Description
The issue allows remote attackers to cause a denial of service, specifically an infinite loop, by sending a crafted CONNECT data stream.
Recommendations
For IBM DB2 version 8, update to FP17a or later.
For IBM DB2 version 9.1, update to FP6a or later.
For IBM DB2 version 9.5, update to FP3a or later.
Exploit
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Db2