IBM DB2 Universal Database (UDB) prior to 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null dereference.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm db2 8.1.4 |
||
ibm db2 8.1.6 |
||
ibm db2 8.1.7 |
||
ibm db2 8.1.7b |
||
ibm db2 8.1.8a |
||
ibm db2 8.1.9a |
||
ibm db2 8.1 |
||
ibm db2 8.0 |
||
ibm db2 8.1.5 |
||
ibm db2 8.1.6c |
||
ibm db2 8.1.8 |
||
ibm db2 8.1.9 |
||
ibm db2 8.12 |
||
ibm db2 8.2 |
||
ibm db2 8.10 |
Vulmon