Database system: A hole in IBM Db2 endangers Linux, Unix and Windows
Source: Heise.de added 23rd Nov 2020
By successfully exploiting a security gap, attackers could attack systems with the IBM Db2 database system with malicious code. Admins should install the secured versions as soon as possible.
The vulnerability (CVE – 2020 – 4701) is with the threat level ” high ” Mistake. In a warning message, IBM writes that the versions for Linux, Unix and Windows are affected. Db2 Connect Server is also vulnerable.
Root gap If an attacker has local access to a compromised system, he could trigger a memory error (buffer overflow) in an unspecified way and as a result execute malicious code with root rights.
Thereof are the versions V 10. 5, V 11. 1 and 11. 5 affected. V 10. 1 and 9.7 are not vulnerable according to IBM. So far only the secured output is 10. 5.5.0 published. For the other versions there are special builds in which the developers have closed the gap.
After a note to the reader, affected platforms in the preview text adapted.
(of)
brands: IBM media: Heise.de keywords: Memory Server Windows
Related posts
Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88
Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88
Related Products
Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91
Warning: Invalid argument supplied for foreach() in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91