[ insider_reports_insider ]
IBM Patches Serious DB2 Flaws
David Utter
Staff Writer
2007-02-23
 Insider Reports RSS Feed
Multiple vulnerabilities in IBM's DB2 Universal Database presented the potential for local exploitation, which could have led to privilege escalation to root.
 | | IBM Patches Serious DB2 Flaws |  |
Administrators of IBM DB2 Universal Database should make sure they have the relevant Fix Packs in place on their systems.
Vulnerabilities reported to IBM in November 2006 by iDefense Labs and recently disclosed could have been attacked locally and presented plenty of problems.
One issue with DB2INSTANCE file creation could have allowed a local user to write to any file on the system through the use of symbolic links. Said iDefense:
Specifically, when supplying the DB2INSTANCE environment variable, the setuid-root DB2 administration binaries will use the home directory of the specified user for loading configuration data. This allows attackers create or append to arbitrary files by creating a specific executing environment.
Also, iDefense found several privilege escalation vulnerabilities, due to a design error in DB2. Again from iDefense:
A heap-based buffer overflow vulnerability can occur when copying data from an environment variable. The variable contents are copied to a static BSS segment buffer without ensuring proper NUL termination. Consequently, this allows an attacker to cause a heap overflow in a later function call.
A stack-based buffer overflow can occur when an environment variable contains a long string. By specifying a specially crafted value, it is possible to overwrite the return address of a function and execute arbitrary code.
Such exploits could have caused denial of service conditions, or escalation to root. All of the issues reported here exist on DB2 installations on UNIX, Linux, or Windows systems.
Bonus Recap: Your bank may have been a target of a massive pharming attack that took place over nearly three days of this week.
Security firm Websense discovered several dozen financial institutions and their customers could have been victimized by attacks.
Those attacks would have placed Trojans on computers, with a bot controller in Russia uploading or downloading files to them.
Once a victim connected to a financial site targeted by the thieves, the Trojaned files would have been able to grab login credentials and send them to the criminals.
Websense also said that the Australian Prime Minister spam that had been hitting inboxes early in the week appeared to be related to the bank pharming scheme.
---
Tags: IBM, DB2, iDefense
Add to  Del.icio.us |  Digg |  Reddit |  Furl
Get all the updates - 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
