4

CVE-2006-4257

IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmDb2 Version8.0 Editionaix
IbmDb2 Version8.0 Editionlinux
IbmDb2 Version8.0 Editionos_390
IbmDb2 Version8.1 Editionaix
IbmDb2 Version8.1 Editionhp_ux
IbmDb2 Version8.1 Editionlinux
IbmDb2 Version8.1 Editionsolaris
IbmDb2 Version8.1 Editionwindows
IbmDb2 Version8.1.4 Editionaix
IbmDb2 Version8.1.4 Editionhp_ux
IbmDb2 Version8.1.4 Editionlinux
IbmDb2 Version8.1.4 Editionsolaris
IbmDb2 Version8.1.4 Editionwindows
IbmDb2 Version8.1.5 Editionaix
IbmDb2 Version8.1.5 Editionhp_ux
IbmDb2 Version8.1.5 Editionlinux
IbmDb2 Version8.1.5 Editionsolaris
IbmDb2 Version8.1.5 Editionwindows
IbmDb2 Version8.1.6 Editionaix
IbmDb2 Version8.1.6 Editionhp_ux
IbmDb2 Version8.1.6 Editionlinux
IbmDb2 Version8.1.6 Editionsolaris
IbmDb2 Version8.1.6 Editionwindows
IbmDb2 Version8.1.6c Editionaix
IbmDb2 Version8.1.6c Editionhp_ux
IbmDb2 Version8.1.6c Editionlinux
IbmDb2 Version8.1.6c Editionsolaris
IbmDb2 Version8.1.6c Editionwindows
IbmDb2 Version8.1.7 Editionaix
IbmDb2 Version8.1.7 Editionhp_ux
IbmDb2 Version8.1.7 Editionlinux
IbmDb2 Version8.1.7 Editionsolaris
IbmDb2 Version8.1.7 Editionwindows
IbmDb2 Version8.1.7b Editionaix
IbmDb2 Version8.1.7b Editionhp_ux
IbmDb2 Version8.1.7b Editionlinux
IbmDb2 Version8.1.7b Editionsolaris
IbmDb2 Version8.1.7b Editionwindows
IbmDb2 Version8.1.8 Editionaix
IbmDb2 Version8.1.8 Editionhp_ux
IbmDb2 Version8.1.8 Editionlinux
IbmDb2 Version8.1.8 Editionsolaris
IbmDb2 Version8.1.8 Editionwindows
IbmDb2 Version8.1.8a Editionaix
IbmDb2 Version8.1.8a Editionhp_ux
IbmDb2 Version8.1.8a Editionlinux
IbmDb2 Version8.1.8a Editionsolaris
IbmDb2 Version8.1.8a Editionwindows
IbmDb2 Version8.1.9 Editionaix
IbmDb2 Version8.1.9 Editionhp_ux
IbmDb2 Version8.1.9 Editionlinux
IbmDb2 Version8.1.9 Editionsolaris
IbmDb2 Version8.1.9 Editionwindows
IbmDb2 Version8.1.9a Editionaix
IbmDb2 Version8.1.9a Editionhp_ux
IbmDb2 Version8.1.9a Editionlinux
IbmDb2 Version8.1.9a Editionsolaris
IbmDb2 Version8.1.9a Editionwindows
IbmDb2 Version8.2 Editionlinux
IbmDb2 Version8.10 Editionlinux
IbmDb2 Version8.10 Editionsolaris
IbmDb2 Version8.10 Editionwindows
IbmDb2 Version8.12 Editionlinux
IbmDb2 Version8.12 Editionsolaris
IbmDb2 Version8.12 Editionwindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.12% 0.796
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
http://secunia.com/advisories/21550
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg24013114
Patch
http://www.appsecinc.com/resources/alerts/db2/2006-09-05.shtml
http://www.securityfocus.com/archive/1/445298/100/0/threaded
http://www.securityfocus.com/archive/1/454307/100/0/threaded
http://www.securityfocus.com/bid/19586
http://www.vupen.com/english/advisories/2006/3328
Vendor Advisory