Back to search
CVE-2011-0757
Published: Feb 2, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66815
x_refsource_CONFIRM
IC66814
vendor-advisory
x_refsource_AIXAPAR
43148
third-party-advisory
x_refsource_SECUNIA
IC66815
vendor-advisory
x_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=swg21426108
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66814
x_refsource_CONFIRM
70773
vdb-entry
x_refsource_OSVDB
oval:org.mitre.oval:def:14295
vdb-entry
signature
x_refsource_OVAL
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66811
x_refsource_CONFIRM
ibm-db2-dbadm-priv-esc(65008)
vdb-entry
x_refsource_XF
46064
vdb-entry
x_refsource_BID
IC66811
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now