The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows malicious users to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 9.1 |
||
ibm db2 |
||
ibm db2 9.5 |