CVE-2017-1438

First published: Tue Sep 12 2017(Updated: )

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
Ibm Db2	=9.7
Ibm Db2	=9.7.0.1
Ibm Db2	=9.7.0.2
Ibm Db2	=9.7.0.3
Ibm Db2	=9.7.0.4
Ibm Db2	=9.7.0.5
Ibm Db2	=9.7.0.6
Ibm Db2	=9.7.0.7
Ibm Db2	=9.7.0.8
Ibm Db2	=9.7.0.9
Ibm Db2	=9.7.0.9-a
Ibm Db2	=9.7.0.10
Ibm Db2	=9.7.0.11
Ibm Db2	=10.1
Ibm Db2	=10.1.0.1
Ibm Db2	=10.1.0.2
Ibm Db2	=10.1.0.3
Ibm Db2	=10.1.0.4
Ibm Db2	=10.1.0.5
Ibm Db2	=10.5
Ibm Db2	=10.5.0.1
Ibm Db2	=10.5.0.2
Ibm Db2	=10.5.0.3
Ibm Db2	=10.5.0.3-a
Ibm Db2	=10.5.0.4
Ibm Db2	=10.5.0.5
Ibm Db2	=10.5.0.6
Ibm Db2	=10.5.0.7
Ibm Db2	=11.1.0.0
Ibm Db2 Connect	=9.7
Ibm Db2 Connect	=9.7.0.1
Ibm Db2 Connect	=9.7.0.2
Ibm Db2 Connect	=9.7.0.3
Ibm Db2 Connect	=9.7.0.4
Ibm Db2 Connect	=9.7.0.5
Ibm Db2 Connect	=9.7.0.6
Ibm Db2 Connect	=9.7.0.7
Ibm Db2 Connect	=9.7.0.8
Ibm Db2 Connect	=9.7.0.9
Ibm Db2 Connect	=9.7.0.10
Ibm Db2 Connect	=9.7.0.11
Ibm Db2 Connect	=10.1
Ibm Db2 Connect	=10.1.0.1
Ibm Db2 Connect	=10.1.0.2
Ibm Db2 Connect	=10.1.0.3
Ibm Db2 Connect	=10.1.0.4
Ibm Db2 Connect	=10.1.0.5
Ibm Db2 Connect	=10.5
Ibm Db2 Connect	=10.5.0.1
Ibm Db2 Connect	=10.5.0.2
Ibm Db2 Connect	=10.5.0.3
Ibm Db2 Connect	=10.5.0.4
Ibm Db2 Connect	=10.5.0.5
Ibm Db2 Connect	=10.5.0.6
Ibm Db2 Connect	=10.5.0.7
Ibm Db2 Connect	=11.1.0.0
Linux Linux kernel
Microsoft Windows

Remedy

http://www.ibm.com/support/docview.wss?uid=swg22006885

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/severity
agent/author
agent/references
agent/type
agent/event
agent/description
agent/softwarecombine
agent/first-publish-date
agent/remedy
agent/tags
agent/last-modified-date
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm db2
version/ibm db2/9.7
version/ibm db2/9.7.0.1
version/ibm db2/9.7.0.2
version/ibm db2/9.7.0.3
version/ibm db2/9.7.0.4
version/ibm db2/9.7.0.5
version/ibm db2/9.7.0.6
version/ibm db2/9.7.0.7
version/ibm db2/9.7.0.8
version/ibm db2/9.7.0.9
version/ibm db2/9.7.0.9-a
version/ibm db2/9.7.0.10
version/ibm db2/9.7.0.11
version/ibm db2/10.1
version/ibm db2/10.1.0.1
version/ibm db2/10.1.0.2
version/ibm db2/10.1.0.3
version/ibm db2/10.1.0.4
version/ibm db2/10.1.0.5
version/ibm db2/10.5
version/ibm db2/10.5.0.1
version/ibm db2/10.5.0.2
version/ibm db2/10.5.0.3
version/ibm db2/10.5.0.3-a
version/ibm db2/10.5.0.4
version/ibm db2/10.5.0.5
version/ibm db2/10.5.0.6
version/ibm db2/10.5.0.7
version/ibm db2/11.1.0.0
canonical/ibm db2 connect
version/ibm db2 connect/9.7
version/ibm db2 connect/9.7.0.1
version/ibm db2 connect/9.7.0.2
version/ibm db2 connect/9.7.0.3
version/ibm db2 connect/9.7.0.4
version/ibm db2 connect/9.7.0.5
version/ibm db2 connect/9.7.0.6
version/ibm db2 connect/9.7.0.7
version/ibm db2 connect/9.7.0.8
version/ibm db2 connect/9.7.0.9
version/ibm db2 connect/9.7.0.10
version/ibm db2 connect/9.7.0.11
version/ibm db2 connect/10.1
version/ibm db2 connect/10.1.0.1
version/ibm db2 connect/10.1.0.2
version/ibm db2 connect/10.1.0.3
version/ibm db2 connect/10.1.0.4
version/ibm db2 connect/10.1.0.5
version/ibm db2 connect/10.5
version/ibm db2 connect/10.5.0.1
version/ibm db2 connect/10.5.0.2
version/ibm db2 connect/10.5.0.3
version/ibm db2 connect/10.5.0.4
version/ibm db2 connect/10.5.0.5
version/ibm db2 connect/10.5.0.6
version/ibm db2 connect/10.5.0.7
version/ibm db2 connect/11.1.0.0
vendor/linux
canonical/linux linux kernel
vendor/microsoft
canonical/microsoft windows

CVE-2017-1438

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact