Information Disclosure in IBM DB2 Base Service Utilities Component
CVE-2008-3857

Currently unrated

Key Information:

Vendor

IBM
Status
Db2 Universal Database
Vendor
CVE Published:
28 August 2008

What is CVE-2008-3857?

The Base Service Utilities component in IBM DB2 9.1 prior to Fixpak 5 contains a vulnerability where it retains a cleartext password in memory after establishing the database connection. This may allow local users to exploit the system by reading memory dumps, potentially granting them access to sensitive authentication information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-1.ibm.com/support/docview.wss?uid=swg21255607
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/45139
vdb-entryx_refsource_XF
http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.