Lucene search

[email protected]NVD:CVE-2004-0795

HistoryOct 20, 2004 - 4:00 a.m.

CVE-2004-0795

2004-10-2004:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.019

Percentile

88.8%

JSON

DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.

Affected configurations

Nvd

Node

ibmdb2_universal_databaseMatch8.1aix

VendorProductVersionCPE
ibmdb2_universal_database8.1cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	db2_universal_database	8.1	cpe:2.3:a:ibm:db2_universal_database:8.1::aix:::::

References

marc.info/?l=bugtraq&m=107885081414173&w=2

www-1.ibm.com/support/docview.wss?uid=swg1IY53894

www.nextgenss.com/advisories/db2rmtcmd.txt

www.securityfocus.com/bid/9821

exchange.xforce.ibmcloud.com/vulnerabilities/15420

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.019

Percentile

88.8%

JSON

Related for NVD:CVE-2004-0795

packetstorm1 metasploit1 cvelist1 cve1