AppSecInc Security Alert: Denial of Service Vulnerability in DB2 Discovery Service

From: Aaron C. Newman (aaron_at_NEWMAN-FAMILY.COM)
Date: 09/19/03

    Date:         Thu, 18 Sep 2003 20:17:36 -0400
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Denial of Service Vulnerability in DB2 Discovery Service

    To determine if you should apply this patch, download AppDetective for
    DB2 from http://www.appsecinc.com/products/appdetective/db2/

    Risk level: Low

    Summary:

    IBM DB2 provides a UDP service used as a discovery service for locating
    DB2 databases on the network. This UDP service shuts down when it
    receives a datagram of more than 20 bytes.

    Details:
    IBM DB2 is a database that provides many services. One of these services
    is a discovery service, used to locate DB2 servers on the network when
    configuring a client connection. This service listens on UDP port 523.

    This service typically receives a packet such as "DB2GETADDR SQL07020".
    If a packet larger than 20 bytes is received by the server, the service
    shuts down.

    Once the discovery service crashes, the service "DB2 - DB2DAS00" must be
    restarted.

    This issue is covered under the fix "IY47686: Search Discovery Listener
    Denial of Service Vulnerability".

    Fix:
    Apply FixPak 10a from IBM. This can be downloaded from the following
    location:
    http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/download.d2w/report
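    The following is an added example, not part of the advisory and not IBM or
    AppSecInc code. It takes only three facts from the text above (the listener
    is on UDP/523, a normal request looks like "DB2GETADDR SQL07020", and a
    datagram longer than 20 bytes takes the listener down) and turns them into a
    classifier for datagrams seen on that port, a small detection pass over
    constructed log records, and a liveness probe to run after restarting
    "DB2 - DB2DAS00" or applying the FixPak. The record layout, the sample data
    and the assumption that a live listener answers the probe are illustrative
    assumptions; the advisory does not describe the reply format.

```python
"""Classifier, detector and liveness probe for DB2 discovery (UDP/523) traffic.

Added example, not part of the original AppSecInc advisory and not IBM code.
Facts taken from the advisory: UDP port 523, the example request
"DB2GETADDR SQL07020", and the 20-byte limit. The log-record layout, the
sample records and the probe's handling of replies are assumptions.
"""
import socket
from typing import Iterable, List, Tuple

DISCOVERY_PORT = 523                      # UDP port named in the advisory
MAX_SAFE_LEN = 20                         # advisory: > 20 bytes crashes the listener
NORMAL_REQUEST = b"DB2GETADDR SQL07020"   # example request quoted in the advisory
REQUEST_PREFIX = b"DB2GETADDR"


def classify(payload: bytes) -> str:
    """Label one datagram sent to the discovery port.

    'oversized' -> longer than the 20-byte limit; this is the condition that
                   takes the DB2DAS00 listener down.
    'malformed' -> within the limit but not a DB2GETADDR request.
    'normal'    -> a DB2GETADDR request within the limit.
    """
    if len(payload) > MAX_SAFE_LEN:
        return "oversized"
    if not payload.startswith(REQUEST_PREFIX):
        return "malformed"
    return "normal"


# Constructed sample records (src_ip, dst_port, payload); not real captures.
SAMPLE_RECORDS: List[Tuple[str, int, bytes]] = [
    ("10.0.0.5", 523, NORMAL_REQUEST),                           # 19 bytes, fine
    ("10.0.0.9", 523, NORMAL_REQUEST + b"\x00" * 12),            # 31 bytes, crashes
    ("10.0.0.9", 523, b"A" * 21),                                # 21 bytes, crashes
    ("10.0.0.7", 523, b"hello"),                                 # short but not a request
    ("10.0.0.5", 1433, b"A" * 500),                              # not the discovery port
]


def detect(records: Iterable[Tuple[str, int, bytes]]) -> List[Tuple[str, str, int]]:
    """Return (src_ip, label, length) for every non-normal datagram to UDP/523."""
    alerts = []
    for src, dport, payload in records:
        if dport != DISCOVERY_PORT:
            continue
        label = classify(payload)
        if label != "normal":
            alerts.append((src, label, len(payload)))
    return alerts


def probe(host: str, timeout: float = 2.0) -> bool:
    """Send the advisory's normal request and report whether anything answered.

    Intended as a post-restart / post-FixPak check that the listener is up.
    The reply format is not given in the advisory, so only the presence of a
    reply is checked (assumption: a live listener answers a normal request).
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(NORMAL_REQUEST, (host, DISCOVERY_PORT))
        try:
            s.recvfrom(4096)
        except socket.timeout:
            return False
    return True


if __name__ == "__main__":
    for src, label, length in detect(SAMPLE_RECORDS):
        print(f"{src}: {label} datagram to udp/{DISCOVERY_PORT} ({length} bytes)")
```

    The 20-byte threshold is the advisory's own number; if a later IBM fix
    changes the listener's limit, adjust MAX_SAFE_LEN rather than the logic.
    Run probe("db2host") only against hosts you are authorised to test, and
    note that a False result can also mean the request was filtered in transit.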

    Regards,
    Aaron
    _______________________________
    Aaron C. Newman
    CTO/Founder
    Application Security, Inc.
    www.appsecinc.com
    Phone: 212-420-9270
    Fax: 212-420-9680
    - Securing Business by Securing Enterprise Applications -

    ----------------------------------------------------------------------
    Application Security, Inc.
    www.appsecinc.com

    AppSecInc is the pioneer in designing, developing, and managing
    application security solutions for the enterprise. AppSecInc products
    proactively secure enterprise applications by discovering, assessing,
    and protecting the database against rapidly changing security threats.
    We give organizations the confidence to extend business with customers,
    partners and suppliers across networks and the Internet. Our security
    experts, combined with our strong support team, deliver the most
    up-to-date application safeguards to minimize risk and eliminate impact
    on business.
    ----------------------------------------------------------------------

    
