IBM DB2 JDBC Applet Server Bug Let Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1020826 |
|
SecurityTracker URL: http://securitytracker.com/id/1020826
|
|
CVE Reference:
CVE-2008-3960
(Links to External Site)
|
Updated: Oct 8 2008
|
Original Entry Date: Sep 9 2008
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 8.2 prior to Fixpack 17
|
Description:
A vulnerability was reported in IBM DB2. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to the IBM DB2 JDBC Applet Server Service (DB2JDS) to cause the target service to crash.
IBM has assigned APARs JR29274 to this vulnerabilities.
Ariel Sanchez of ApplicationSecurity Inc. reported this vulnerability.
|
Impact:
A remote user can cause the target service to crash.
|
Solution:
The vendor has issued a fix (8.2 Fixpak 17).
The vendor's advisory is available at:
http://www-01.ibm.com/support/docview.wss?uid=swg1JR29274
|
Vendor URL: www-01.ibm.com/support/docview.wss?uid=swg1JR29274 (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
