Vulnerability Name:

CVE-2005-4864 (CCN-17616)

Assigned: 2004-10-06
Published: 2004-10-06
Updated: 2017-07-29
Summary: Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References:
Source: CCN
Type: VulnWatch Mailing List, Wed Sep 01 2004 - 11:45:33 CDT
Patch available for IBM DB2 Universal Database flaws

Source: CCN
Type: VulnWatch Mailing List, Tue Oct 05 2004 - 09:15:52 CDT
Patch available for critical IBM DB2 Universal Database flaws

Source: MITRE
Type: CNA
CVE-2005-4864

Source: BUGTRAQ
Type: UNKNOWN
20050105 IBM DB2 libdb2.so buffer overflow (#NISR05012005B)

Source: CCN
Type: SA12733
DB2 Universal Database Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
12733

Source: AIXAPAR
Type: Patch
IY62042

Source: CCN
Type: IBM APAR IY62042
SECURITY: BUFFER OVERFLOWS WHEN THE DB2LPORT ENVIRONMENT VARIABLE IS SET TO A LONG STRING VALUE

Source: CCN
Type: IBM DB2 version 7 FixPaks Download Web page
DB2 Universal Database for Linux, UNIX and Windows

Source: CCN
Type: IBM DB2 version 8 FixPaks Download Web page
DB2 Universal Database for Linux, UNIX and Windows

Source: CCN
Type: NGSSoftware Insight Security Research Advisory #NISR05012005B
IBM DB2 libdb2.so.1 buffer overflow

Source: MISC
Type: UNKNOWN
http://www.ngssoftware.com/advisories/db205012005B.txt

Source: CCN
Type: OSVDB ID: 10517
IBM DB2 DB2LPORT Variable Overflow

Source: CCN
Type: BID-11327
IBM DB2 Multiple Critical Remote Vulnerabilities

Source: BID
Type: Patch
11390

Source: CCN
Type: BID-11390
IBM DB2 DB2LPORT Environment Variable Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
db2-db2lport-bo(17616)

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:ibm:db2_universal_database:7.0:*:aix:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.0:*:hp-ux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.0:*:solaris:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.1:*:aix:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.1:*:hp-ux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.1:*:solaris:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.2:*:aix:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.2:*:hp-ux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.2:*:solaris:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:*:hp-ux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1:*:hp_ux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1:*:linux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1:*:solaris:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:ibm:db2_universal_database:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:*:*:*:*:*:*:*
