Date: 22 November 2007
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AA-2007.0108 AUSCERT Advisory
[Win][UNIX/Linux]
Multiple vulnerabilities in IBM DB2
22 November 2007
- ---------------------------------------------------------------------------
AusCERT Advisory Summary
------------------------
Product: DB2
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Impact: Increased Privileges
Access: Remote/Unauthenticated
CVE Names: CVE-2007-6045 CVE-2007-6046 CVE-2007-6047
CVE-2007-6048 CVE-2007-6049 CVE-2007-6050
CVE-2007-6051 CVE-2007-6052 CVE-2007-6053
Member content until: Wednesday, December 19 2007
Comment: There are a total of nine (9) vulnerabilities associated with this
advisory, but due to the lack of detail in the vendors description
of these vulnerabilities only three have been described herein.
Revision History: November 22 2007: Added CVE references.
November 21 2007: Initial Release
OVERVIEW:
IBM has reported multiple vulnerabilities in DB2 which can result
in the escalation of privileges.
IMPACT:
The follow details were released regarding these vulnerabilities: [1]
1. The db2dart tool executes tput command which effectively allows
the malicious user to run commands as the db2 instance owner.
(CVE-2007-6047)
2. A vulnerability exists in several set-uid db2 binaries that can
be exploited by a local user.
(CVE-2007-6046)
3. Incorrect permissions on acls for db2nodes.cfg
(CVE-2007-6048)
MITIGATION:
IBM have released Fixpak 4 to rectify these vulnerabilities [2].
REFERENCES:
[1] DB2 Version 9.1 for Linux, UNIX and Windows APARs by fix pack
http://www-1.ibm.com/support/docview.wss?uid=swg21255607
[2] DB2 Version 9.1 fix packs and clients
http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21255572
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBR0S/Pyh9+71yA2DNAQIRaAP/cHn6yvUg9h0xXJROMi51/xXU++F0KoO6
lGfHC3SkIDtICNc6RpbA6EG3sOMmGONzDkxNk8riL8BMIVp6dCSkC0yiYdeeNtUJ
2YFuy2OKlMDqzEljzXp52RI6RCSLey6zL41J+OsiB46zus5ZrqwAb5TrEdIjKOv0
iBOJpZhBY2w=
=ybPW
-----END PGP SIGNATURE-----
|