CVE-2007-2582 – IBM DB2 DB2JDS Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-2582
Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow." Múltiples desbordamientos de búfer en el servicio DB2 JDBC Applet Server (DB2JDS) en IBM DB2 versión 9.x y anteriores, permiten que los atacantes remotos (1) ejecuten un código arbitrario por medio de un paquete creado para el servicio DB2JDS en tcp/6789; y causa una denegación de servicio por medio de (2) un parámetro LANG no válido o (2) un paquete largo que genera un "MemTree overflow." The most severe of these vulnerabilities allows remote attackers to execute arbitrary code on vulnerable installations of IBM DB2 Universal Database. Authentication is not required to exploit these vulnerabilities. The first flaw exists in the DB2JDS service listening on TCP port 6789. A specially crafted packet is improperly processed by an internal sprintf() call resulting in a stack overflow which can be leveraged to execute arbitrary code. Additionally, two DoS condition vulnerabilities were discovered. • http://osvdb.org/40973 http://osvdb.org/40975 http://secunia.com/advisories/25148 http://www-1.ibm.com/support/search.wss?rs=0&q=IY97750&apar=only http://www.securityfocus.com/archive/1/482024/100/0/threaded http://www.securityfocus.com/bid/23890 http://www.securityfocus.com/bid/26010 http://www.securitytracker.com/id?1018029 http://www.securitytracker.com/id?1018801 http://www.vupen.com/english/advisories/2007/1707 http://www.zerodayinitiative.com/advisories/ZDI • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-1087
https://notcve.org/view.php?id=CVE-2007-1087
IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow. IBM DB2 8.x anterior a 8.1 FixPak 15 y 9.1 anterior a Fix Pack 2 no finaliza adecuadamente ciertas cadenas de entrada, lo cual permite a usuarios locales ejecutar código de su elección a través de variables de entorno no especificadas que disparan un desbordamiento de búfer basado en pila. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481 http://osvdb.org/40970 http://www-1.ibm.com/support/docview.wss?uid=swg21255747 http://www.attrition.org/pipermail/vim/2007-August/001765.html http://www.securityfocus.com/bid/22677 https://exchange.xforce.ibmcloud.com/vulnerabilities/32651 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-1088
https://notcve.org/view.php?id=CVE-2007-1088
Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables. Desbordamiento de búfer basado en pila en IBM DB2 8.x anterior a 8.1 FixPak 15 y 9.1 anterior a Fix Pack 2 permite a usuarios locales ejecutar código de su elección a través de una cadenas largas en variables no especificadas de entorno. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481 http://osvdb.org/40971 http://www-1.ibm.com/support/docview.wss?uid=swg21255747 http://www.attrition.org/pipermail/vim/2007-August/001765.html http://www.securityfocus.com/bid/22677 https://exchange.xforce.ibmcloud.com/vulnerabilities/32652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-1086
https://notcve.org/view.php?id=CVE-2007-1086
Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access." Binarios no especificados en IBM DB2 8.x anterior a 8.1 FixPak 15 y 9.1 anterior a Fix Pack 2 permite a usuarios locales crear o modificar ficheros de su elección a través de entornos variables no especificados relacionados con "accesos de ficheros inseguros". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481 http://osvdb.org/40969 http://www-1.ibm.com/support/docview.wss?uid=swg21255747 http://www.attrition.org/pipermail/vim/2007-August/001765.html http://www.securityfocus.com/bid/22677 https://exchange.xforce.ibmcloud.com/vulnerabilities/32650 •
CVE-2006-6638
https://notcve.org/view.php?id=CVE-2006-6638
IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. IBM DB2 8.1 anterior a FixPak 14 permite a atacantes remotos provocar una denegación de servicio mediante un paquete SQLJRA artesanal, lo cual provoca una referencia a un puntero NULL en la función sqle_db2ra_as_recvrequest en DB2ENGN.DLL, un asunto diferente que CVE-2006-4257. • http://secunia.com/advisories/23397 http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847 http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml http://www.securityfocus.com/bid/21646 •