Certain setuid DB2 binaries in IBM DB2 prior to 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 9.0 |