CVSS: 7.2EPSS: 1%CPEs: 1EXPL: 0CVE-2004-0795 – IBM DB2 Db2rcmd.exe Command Execution
https://notcve.org/view.php?id=CVE-2004-0795
DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. El servidor de órdenes remoto de DB2 8.1 (DB2RCMD.EXE) ejecuta el programa db2rcmdc.exe como el adminstrador db2admin, lo que permite a usuarios locales ganar privilegios mediante la tubería con nombre DB2REMOTECMD. • http://marc.info/?l=bugtraq&m=107885081414173&w=2 http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894 http://www.nextgenss.com/advisories/db2rmtcmd.txt http://www.securityfocus.com/bid/9821 https://exchange.xforce.ibmcloud.com/vulnerabilities/15420 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 3CVE-2003-1052 – IBM DB2 - Shared Library Injection
https://notcve.org/view.php?id=CVE-2003-1052
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. IBM DB2 7.1 y 8.1 permite al usuario bin ganar privilegios de root modificando las librerías compartidas usadas por programas con setuid de root. • https://www.exploit-db.com/exploits/22989 http://www.securityfocus.com/archive/1/331904 http://www.securityfocus.com/bid/8346 https://exchange.xforce.ibmcloud.com/vulnerabilities/12826 •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2003-1049
https://notcve.org/view.php?id=CVE-2003-1049
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. IBM DB2 Universal Database 7 antes de FixPak 12 crea ciertos directorios DMS con permisos inseguros (777), lo que permite a usuarios locales modificar o borrar ciertos ficheros DB2. • http://www-1.ibm.com/support/search.wss?rs=0&q=IY44841&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY44842&apar=only http://www.securityfocus.com/bid/9243 https://exchange.xforce.ibmcloud.com/vulnerabilities/14030 •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 1CVE-2003-0898 – IBM DB2 db2job - File Overwrite
https://notcve.org/view.php?id=CVE-2003-0898
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2. IBM DB2 anteriores a FixPak 10a, y versiones anteriores incluyendo la 7.1, permite a usuarios locales sobreescribir ficheros arbitrarios y ganar privilegios mediante un ataque de enlaces simbólicos sobre d2job o db2job2. • https://www.exploit-db.com/exploits/22988 ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt http://marc.info/?l=bugtraq&m=106010332721672&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0837
https://notcve.org/view.php?id=CVE-2003-0837
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command. Desbordamiento de búfer basado en la pila en IBM DB2 Universal Data Base 7.2 para Windows anteriores a Fixpak 10a permite a atacantes con privilegio de "Connect" ejecutar código arbitrario mediante el comando INVOKE. • http://marc.info/?l=bugtraq&m=106503709914622&w=2 http://www.securityfocus.com/bid/8743 https://exchange.xforce.ibmcloud.com/vulnerabilities/13331 •