Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[VulnDiscuss] ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability
From: Pentest Security Advisories (alertspentest.co.uk)
Date: Wed Oct 01 2003 - 15:09:55 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Pentest Limited Security Advisory
IBM DB2 LOAD Command Stack Overflow Vulnerability
Title: IBM DB2 LOAD Command Stack Overflow Vulnerability
Announcement date: 1st October 2003
Advisory Reference: ptl-2003-01
CVE Name: CAN-2003-0836
Product: IBM DB2 Universal Database
Vulnerability Type : Buffer Overflow
Vendor-Status: Fixpack Issued
Remotely Exploitable: Yes
Locally Exploitable: Yes
Advisory URL: http://www.pentest.co.uk/
DB2 is IBM's relational database software. The IBM DB2 LOAD command,
moves data from files, named pipes, or devices into a DB2 table. This
command is vulnerable to a stack based overflow that allows an attacker
with "Connect" privileges to the database to execute arbitrary code on
the vulnerable machine, by default in the context of the Administrators
group on Windows and typically db2as or db2inst1 on Linux.
The vulnerability is triggered by issuing a carefully crafted LOAD
IBM DB2 Universal Data Base v7.2 for Linux/x86 is vulnerable.
IBM DB2 Universal Data Base v7.2 for Windows is vulnerable.
According to the vendor IBM DB2 Universal Data Base v8.1 is also
vulnerable. Other IBM DB2 versions and target platforms were not
available for testing, but may be vulnerable as well.
The vendor stated that 'the problem was in common code and therefore
affected all platforms and both v7 and v8 (though not all of those would
have been exploitable).'
- - Pentest Notification: 20-11-2002
- - Notification acknowledged by IBM: 22-11-2002
- - Fixes available from: 17-09-2003
Issue is fixed in Fixpak 10/10a for DB2 v7.2.
Issue is fixed in Fixpak 2 for DB2 v8.1.
Fixpaks are available at:
This vulnerability was discovered by Mark Rowe from Pentest Limited.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
-----END PGP SIGNATURE-----