Improper ACL Permissions in IBM DB2 UDB Exposes Security Risks
CVE-2007-6048

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 20 November 2007

What is CVE-2007-6048?

The IBM DB2 UDB 9.1 database system prior to Fixpak 4 has been identified as having improper Access Control List (ACL) permissions on the DB2NODES.CFG file. This vulnerability potentially exposes the system to various unknown impacts and attack vectors, which could compromise the integrity and confidentiality of the database operations. As the vendor’s description lacks specific details, the exact security implications remain unclear, highlighting the importance of proper permission settings in database configurations.

References

http://www-1.ibm.com/support/docview.wss?uid=swg21255607

x_refsource_CONFIRM

http://osvdb.org/41017

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2007/3867

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2007
Vulnerability Reserved
Nov 20, 2007