iDefense Security Advisory 08.16.07 - Local exploitation of a directory traversal vulnerability in IBM Corp.'s DB2 Universal Database allows attackers to cause a denial of service (DoS) condition or elevate privileges to root. Some DB2 binaries that are installed setuid-root will save event information to a log file. When creating the full path to the destination file, an environment variable is concatenated with "/tmp/". Since there is no checking for path traversal strings, such as "../", within the environment variable, an attacker is able to create arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
6f620eab6537c31509d20ac985ce18180b4e6d3c22825695c8acd36e676cfc76
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed