IBM db2 for Windows (98/NT/2000) is vulnerable to a simple remote denial of service attack via db2ccs.exe (listening on port 6790) and db2jds.exe (port 6789).
6c5296f9d72c17968922f22da1b6375455027b8746c894c2b6b6df7b0c2ccf53
IBM DB2 for Windows (98/NT/2000) run 2 services : db2ccs.exe (listening on
port 6790) and db2jds.exe (port 6789).
I may be wrong but these services are used to access data remotely and to
remotely manage the database.
Both can be crashed remotely: just telnet on their port, send one byte and
then close the connexion, that's all.
IBM is aware of that. They reproduced the problem and say that a patch will
be availlable in july (so this month) for version 7 and above.
Regards,
Gilles