db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 universal database 9.1 |
||
ibm db2 universal database 9.5 |
||
ibm db2 universal database 8 |