Lucene search
MitreCVE-2006-6638HistoryDec 19, 2006 - 8:28 p.m.
CVE-2006-6638
2006-12-1920:28:00
mitre
web.nvd.nist.gov
33
ibm
db2
8.1
denial of service
sqljra
null pointer
cve-2006-6638
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0.084
Percentile
94.5%
IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.
Affected configurations
Node
ibmdb2_universal_databaseMatch8.1aix
ORibmdb2_universal_databaseMatch8.1.4
ORibmdb2_universal_databaseMatch8.1.5
ORibmdb2_universal_databaseMatch8.1.6
ORibmdb2_universal_databaseMatch8.1.6c
ORibmdb2_universal_databaseMatch8.1.7
ORibmdb2_universal_databaseMatch8.1.7b
ORibmdb2_universal_databaseMatch8.1.8
ORibmdb2_universal_databaseMatch8.1.8a
ORibmdb2_universal_databaseMatch8.1.9
ORibmdb2_universal_databaseMatch8.1.9a
ORibmdb2_universal_databaseMatch8.10
ORibmdb2_universal_databaseMatch8.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | db2_universal_database | 8.1 | cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.4 | cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.5 | cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.6 | cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.6c | cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.7 | cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.7b | cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.8 | cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.8a | cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:* |
| ibm | db2_universal_database | 8.1.9 | cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2006-6638
2006-12-19 20:28:00
CVE-2006-4257
2006-08-21 20:04:00
cvelist
cvelist
CVE-2006-6638
2006-12-19 20:00:00
CVE-2006-4257
2006-08-21 20:00:00
nessus
nessus
IBM DB2 < 8.1 Fix Pack 14 Multiple Vulnerabilities
2006-12-23 00:00:00
IBM DB2 < 8.1 Fix Pack 13 CONNECT Processing Unspecified DoS
2006-12-23 00:00:00
cve
cve
CVE-2006-4257
2006-08-21 20:04:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
IBM DB2 Remote DoS during CONNECT processing
2006-12-14 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0.084
Percentile
94.5%
Related for CVE-2006-6638