Vulnerability Name:

CVE-2007-1086 (CCN-32650)

Assigned:2007-02-22
Published:2007-02-22
Updated:2018-10-30
Summary:Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2007-1086

Source: IDEFENSE
Type: Patch
20070222 IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities

Source: OSVDB
Type: UNKNOWN
40969

Source: CCN
Type: IBM APAR IY94833
SECURITY: MULTIPLE DB2 ENVIRONMENT VARIABLES CAUSE BUFFER OVERFLOW VULNERABILITY AND SYMLINK OVERWRITE VULNERABILITY.

Source: AIXAPAR
Type: UNKNOWN
IY94833

Source: VIM
Type: UNKNOWN
20070818 Recent DB2 Vulnerabilities

Source: CCN
Type: OSVDB ID: 40969
IBM DB2 Universal Database Unspecified Local Arbitrary File Manipulation

Source: BID
Type: Patch
22677

Source: CCN
Type: BID-22677
IBM DB2 Universal Database Multiple Local Privilege Escalation Vulnerabilities

Source: XF
Type: UNKNOWN
db2-setuid-privilege-escalation(32650)

Source: XF
Type: UNKNOWN
db2-setuid-privilege-escalation(32650)

Source: CCN
Type: iDefense Labs PUBLIC ADVISORY: 02.22.07
IBM DB2 Universal Database DB2INSTANCE File Creation Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.0:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.19:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.20:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:9.1:*:hp-ux:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:db2_universal_database:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1::fp8:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1::fp10:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.1::fp11:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    hp hp-ux *
    ibm aix *
    linux linux kernel 2.6.18.0
    linux linux kernel 2.6.18.1
    linux linux kernel 2.6.18.2
    linux linux kernel 2.6.18.3
    linux linux kernel 2.6.18.4
    linux linux kernel 2.6.18.5
    linux linux kernel 2.6.18.6
    linux linux kernel 2.6.18.7
    linux linux kernel 2.6.19
    linux linux kernel 2.6.19.1
    linux linux kernel 2.6.19.2
    linux linux kernel 2.6.19.3
    linux linux kernel 2.6.19.4
    linux linux kernel 2.6.20
    linux linux kernel 2.6.20.1
    microsoft windows xp *
    sun solaris *
    ibm db2 universal database 8.0
    ibm db2 universal database 8.1
    ibm db2 universal database 8.1.4
    ibm db2 universal database 8.1.5
    ibm db2 universal database 8.1.6
    ibm db2 universal database 8.1.6c
    ibm db2 universal database 8.1.7
    ibm db2 universal database 8.1.7b
    ibm db2 universal database 8.1.8
    ibm db2 universal database 8.1.8a
    ibm db2 universal database 8.1.9
    ibm db2 universal database 8.1.9a
    ibm db2 universal database 8.10
    ibm db2 universal database 8.12
    ibm db2 universal database 9.1
    ibm db2 universal database 8.1
    ibm db2 9.0
    ibm db2 universal database 8.1
    ibm db2 universal database 8.1
    ibm db2 universal database 8.1