IBM DB2 Vulnerability on Unix and Linux Systems
CVE-2008-3856

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 28 August 2008

Summary

The IBM DB2 products for Unix and Linux systems exhibit a flaw where the db2fmp process fails to change ownership appropriately. This oversight may lead to unknown impacts, potentially exposing the system to unanticipated attack vectors. Users of affected versions should review their configurations and apply the latest fixes to mitigate any risks associated with this issue.

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/31058

vdb-entryx_refsource_BID

http://www-1.ibm.com/support/docview.wss?uid=swg21255607

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 28, 2008
Vulnerability Reserved
Aug 28, 2008