Lucene search

MitreCVE-2005-4736

HistoryMar 19, 2006 - 11:00 p.m.

CVE-2005-4736

2006-03-1923:00:00

mitre

web.nvd.nist.gov

ibm

db2

udb

820

8.2 fp10

denial of service

vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.3

Confidence

High

EPSS

0.004

Percentile

74.6%

JSON

IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.

Affected configurations

Nvd

Node

ibmdb2_universal_databaseMatch8.0linux

ibmdb2_universal_databaseMatch8.1aix

ibmdb2_universal_databaseMatch8.1.4

ibmdb2_universal_databaseMatch8.1.5

ibmdb2_universal_databaseMatch8.1.6

ibmdb2_universal_databaseMatch8.1.6c

ibmdb2_universal_databaseMatch8.1.7

ibmdb2_universal_databaseMatch8.1.7b

ibmdb2_universal_databaseMatch8.1.8

ibmdb2_universal_databaseMatch8.1.8a

ibmdb2_universal_databaseMatch8.1.9

ibmdb2_universal_databaseMatch8.1.9a

VendorProductVersionCPE
ibmdb2_universal_database8.0cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
ibmdb2_universal_database8.1cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
ibmdb2_universal_database8.1.4cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*
ibmdb2_universal_database8.1.5cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*
ibmdb2_universal_database8.1.6cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*
ibmdb2_universal_database8.1.6ccpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*
ibmdb2_universal_database8.1.7cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*
ibmdb2_universal_database8.1.7bcpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*
ibmdb2_universal_database8.1.8cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*
ibmdb2_universal_database8.1.8acpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	db2_universal_database	8.0	cpe:2.3:a:ibm:db2_universal_database:8.0::linux:::::
ibm	db2_universal_database	8.1	cpe:2.3:a:ibm:db2_universal_database:8.1::aix:::::
ibm	db2_universal_database	8.1.4	cpe:2.3:a:ibm:db2_universal_database:8.1.4:::::::*
ibm	db2_universal_database	8.1.5	cpe:2.3:a:ibm:db2_universal_database:8.1.5:::::::*
ibm	db2_universal_database	8.1.6	cpe:2.3:a:ibm:db2_universal_database:8.1.6:::::::*
ibm	db2_universal_database	8.1.6c	cpe:2.3:a:ibm:db2_universal_database:8.1.6c:::::::*
ibm	db2_universal_database	8.1.7	cpe:2.3:a:ibm:db2_universal_database:8.1.7:::::::*
ibm	db2_universal_database	8.1.7b	cpe:2.3:a:ibm:db2_universal_database:8.1.7b:::::::*
ibm	db2_universal_database	8.1.8	cpe:2.3:a:ibm:db2_universal_database:8.1.8:::::::*
ibm	db2_universal_database	8.1.8a	cpe:2.3:a:ibm:db2_universal_database:8.1.8a:::::::*

Rows per page:

1-10 of 121

References

secunia.com/advisories/17031

www-1.ibm.com/support/docview.wss?uid=swg1IY70561

www.securityfocus.com/bid/15126

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.3

Confidence

High

EPSS

0.004

Percentile

74.6%

JSON

Related for CVE-2005-4736