CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
92.2%
According to its version, the installation of IBM DB2 9.7 running on the remote host is prior to Fix Pack 5. It is, therefore, affected by multiple denial of service vulnerabilities :
On Unix and Unix-like systems with both the Self Tuning Memory Manager (STMM) feature enabled and the โDATABASE_MEMORYโ option set to โAUTOMATICโ, local users are able to carry out denial of service attacks via unknown vectors. (IC70473 / CVE-2011-1373)
A denial of service vulnerability exists in the version of Java that is bundled with the IBM Software Development Kit for Java. (PM32387 / CVE-2010-4476)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(56928);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id("CVE-2010-4476", "CVE-2011-1373");
script_bugtraq_id(46091, 50686);
script_name(english:"IBM DB2 9.7 < Fix Pack 5 Multiple Denial of Service Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple denial of service
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"According to its version, the installation of IBM DB2 9.7 running on
the remote host is prior to Fix Pack 5. It is, therefore, affected by
multiple denial of service vulnerabilities :
- On Unix and Unix-like systems with both the Self Tuning
Memory Manager (STMM) feature enabled and the
'DATABASE_MEMORY' option set to 'AUTOMATIC', local
users are able to carry out denial of service attacks
via unknown vectors. (IC70473 / CVE-2011-1373)
- A denial of service vulnerability exists in the version
of Java that is bundled with the IBM Software
Development Kit for Java. (PM32387 / CVE-2010-4476)");
# https://www.ibm.com/support/knowledgecenter/SSEPGG_9.7.0/com.ibm.db2.luw.wn.doc/doc/c0056050.html?origURL=api/redirect/db2luw/v9r7/index.jsp
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?be5c7fe3");
# http://www-01.ibm.com/support/docview.wss?uid=swg21450666
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bf39bb4c");
# https://www-304.ibm.com/support/docview.wss?uid=swg21469961
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?41b02357");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg1IC70473");
script_set_attribute(attribute:"solution", value:
"Apply IBM DB2 version 9.7 Fix Pack 5 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/10/28");
script_set_attribute(attribute:"patch_publication_date", value:"2011/10/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/23");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:db2");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2011-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("db2_das_detect.nasl");
script_require_ports("Services/db2das", 523);
exit(0);
}
include("global_settings.inc");
include("misc_func.inc");
include("db2_report_func.inc");
port = get_service(svc:"db2das", default:523, exit_on_fail:TRUE);
level = get_kb_item_or_exit("DB2/"+port+"/Level");
if (level !~ "^9\.7\.") exit(0, "The version of IBM DB2 listening on port "+port+" is not 9.7 and thus is not affected.");
platform = get_kb_item_or_exit("DB2/"+port+"/Platform");
platform_name = get_kb_item("DB2/"+port+"/Platform_Name");
if (isnull(platform_name))
{
platform_name = platform;
report_phrase = "platform " + platform;
}
else
report_phrase = platform_name;
vuln = FALSE;
# Windows 32-bit/64-bit
if (platform == 5 || platform == 23)
{
fixed_level = '9.7.500.702';
if (ver_compare(ver:level, fix:fixed_level) == -1)
vuln = TRUE;
}
# Others
else if (
# Linux, 2.6 kernel 32/64-bit
platform == 18 ||
platform == 30 ||
# AIX
platform == 20
)
{
fixed_level = '9.7.0.5';
if (ver_compare(ver:level, fix:fixed_level) == -1)
vuln = TRUE;
}
else
{
info =
'Nessus does not support version checks against ' + report_phrase + '.\n' +
'To help us better identify vulnerable versions, please send the platform\n' +
'number along with details about the platform, including the operating system\n' +
'version, CPU architecture, and DB2 version to [email protected].\n';
exit(1, info);
}
if (vuln)
{
report_db2(
severity : SECURITY_WARNING,
port : port,
platform_name : platform_name,
installed_level : level,
fixed_level : fixed_level);
}
else exit(0, "The IBM DB2 "+level+" on " + report_phrase + " install listening on port "+port+" is not affected.");