Lucene search
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.DB2_105FP1.NASLHistorySep 06, 2013 - 12:00 a.m.
IBM DB2 10.5 < Fix Pack 1 Security Bypass
2013-09-0600:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
CVSS2
4.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
EPSS
0.003
Percentile
71.1%
According to its version, the installation of IBM DB2 10.5 running on the remote host is affected by a security bypass vulnerability.
An unspecified error exists that can allow an attacker to gain SELECT, INSERT, UPDATE, or DELETE permissions to database tables.
Note that successful exploitation requires the rights EXPLAIN, SQLADM, or DBADM.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(69800);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id("CVE-2013-4033");
script_bugtraq_id(62018);
script_name(english:"IBM DB2 10.5 < Fix Pack 1 Security Bypass");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by security bypass
vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its version, the installation of IBM DB2 10.5 running on
the remote host is affected by a security bypass vulnerability.
An unspecified error exists that can allow an attacker to gain SELECT,
INSERT, UPDATE, or DELETE permissions to database tables.
Note that successful exploitation requires the rights EXPLAIN, SQLADM,
or DBADM.");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21646809");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg24035569");
script_set_attribute(attribute:"solution", value:
"Apply IBM DB2 version 10.5 Fix Pack 1 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/08/22");
script_set_attribute(attribute:"patch_publication_date", value:"2013/08/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/06");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:db2");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("db2_das_detect.nasl");
script_require_ports("Services/db2das", 523);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("db2_report_func.inc");
port = get_service(svc:"db2das", default:523, exit_on_fail:TRUE);
level = get_kb_item_or_exit("DB2/" + port + "/Level");
if (level !~ '^10\\.5\\.') exit(0, "The version of IBM DB2 listening on port "+port+" is not 10.5.");
platform = get_kb_item_or_exit("DB2/"+port+"/Platform");
platform_name = get_kb_item("DB2/"+port+"/Platform_Name");
if (isnull(platform_name))
{
platform_name = platform;
report_phrase = "platform " + platform;
}
else
report_phrase = platform_name;
vuln = FALSE;
# Windows 32-bit/64-bit
if (platform == 5 || platform == 23)
{
fixed_level = '10.5.100.63';
if (ver_compare(ver:level, fix:fixed_level) == -1)
vuln = TRUE;
}
# Others
else if (
# Linux, 2.6 kernel 32/64-bit
platform == 18 ||
platform == 30 ||
# AIX
platform == 20
)
{
fixed_level = '10.5.0.1';
if (ver_compare(ver:level, fix:fixed_level) == -1)
vuln = TRUE;
}
else
{
info =
'Nessus does not support version checks against ' + report_phrase + '.\n' +
'To help us better identify vulnerable versions, please send the platform\n' +
'number along with details about the platform, including the operating system\n' +
'version, CPU architecture, and DB2 version to [email protected].\n';
exit(1, info);
}
if (vuln)
{
report_db2(
severity : SECURITY_WARNING,
port : port,
platform_name : platform_name,
installed_level : level,
fixed_level : fixed_level);
}
else audit(AUDIT_LISTEN_NOT_VULN, "DB2", port, level);
Related
ibm
ibm
openvas
openvas
cve
cve
CVE-2013-4033
2013-08-28 13:13:58
prion
prion
Code injection
2013-08-28 13:13:00
cvelist
cvelist
CVE-2013-4033
2013-08-28 10:00:00
nvd
nvd
CVE-2013-4033
2013-08-28 13:13:58
nessus
nessus
IBM DB2 10.1 < Fix Pack 3 Multiple Vulnerabilities (credentialed check)
2013-10-16 00:00:00
IBM DB2 10.1 < Fix Pack 3 Multiple Vulnerabilities
2013-10-16 00:00:00
IBM DB2 9.7 < Fix Pack 9 Multiple Vulnerabilities
2013-12-18 00:00:00
CVSS2
4.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
EPSS
0.003
Percentile
71.1%
Related for DB2_105FP1.NASL