First published: Wed Jun 03 2009(Updated: )
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ibm Db2 | <=8.0 | |
Ibm Db2 | <=9.1 | |
Ibm Db2 | <=9.5 | |
Ibm Db2 | =8.0-fix_pack15 | |
Ibm Db2 | =8.0-fp1 | |
Ibm Db2 | =8.0-fp10 | |
Ibm Db2 | =8.0-fp11 | |
Ibm Db2 | =8.0-fp12 | |
Ibm Db2 | =8.0-fp13 | |
Ibm Db2 | =8.0-fp14 | |
Ibm Db2 | =8.0-fp15 | |
Ibm Db2 | =9.1-fp1 | |
Ibm Db2 | =9.1-fp2 | |
Ibm Db2 | =9.1-fp3 | |
Ibm Db2 | =9.1-fp3a | |
Ibm Db2 | =9.1-fp4a | |
Ibm Db2 | =9.5-fp2 | |
Ibm Db2 | =9.5-fp3 | |
Ibm Db2 | =9.5-fp2 | |
Ibm Db2 | =9.5-fp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.