Vulnerability Name:

CVE-2007-4417 (CCN-36108)

Assigned:2007-08-15
Published:2007-08-15
Updated:2017-07-29
Summary:IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.
CVSS v3 Severity:9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.0 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P)
4.4 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
6.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2007-4417

Source: CCN
Type: SA26471
IBM DB2 Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
26471

Source: AIXAPAR
Type: UNKNOWN
IY88158

Source: CCN
Type: APAR IY88158
EXECUTE AUTHORITY ON A METHOD MAY PERSIST AFTER REVOKE

Source: AIXAPAR
Type: UNKNOWN
IY88226

Source: CCN
Type: APAR IY88226
EXECUTE AUTHORITY ON A METHOD MAY PERSIST AFTER REVOKE

Source: CONFIRM
Type: UNKNOWN
http://www-1.ibm.com/support/docview.wss?uid=swg21255352

Source: CONFIRM
Type: UNKNOWN
http://www-1.ibm.com/support/docview.wss?uid=swg21255607

Source: CCN
Type: VIM Mailing list, Sat Aug 18 21:05:56 UTC 2007
Recent DB2 Vulnerabilities

Source: MLIST
Type: UNKNOWN
[VIM] 20070821 Recent DB2 Vulnerabilities

Source: CCN
Type: OSVDB ID: 40977
IBM DB2 Universal Database Method Revocation Bypass

Source: BID
Type: UNKNOWN
25339

Source: CCN
Type: BID-25339
IBM DB2 Universal Database Multiple Unspecified Vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2007-2912

Source: XF
Type: UNKNOWN
db2-method-privilege-escalation(36108)

Source: XF
Type: UNKNOWN
db2-method-privilege-escalation(36108)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:* (Version <= 8.0)
  • OR cpe:/a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:* (Version <= 9.1)

    • Configuration CCN 1:
  • cpe:/a:ibm:db2_universal_database:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:9.1::fp2:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:fp14:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:fp13:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_universal_database:8.0:fp9:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ibm db2 universal database * fp14
    ibm db2 universal database *
    ibm db2 universal database 8.0
    ibm db2 universal database 9.1
    ibm db2 universal database 9.1 fp3
    ibm db2 universal database 9.1
    ibm db2 universal database 8.0 fp14
    ibm db2 universal database 8.0 fp13
    ibm db2 universal database 8.0 fp9