header-logo
Suggest Exploit
vendor:
DB2
by:
SecurityFocus
7.2
CVSS
HIGH
Format String Vulnerability
134
CWE
Product Name: DB2
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2002-0991
CPE: o:ibm:db2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unknown
2002

Multiple Command-Line Parameter Format String Vulnerabilities in IBM DB2

Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the db2govd, db2start, and db2stop programs. These binaries are typically installed setuid, allowing a malicious local user to gain elevated privileges. An example of this exploit is shown above, where a malicious user can cause a segmentation fault by entering %n%n as a command-line parameter.

Mitigation:

IBM has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8989/info
 
Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the db2govd, db2start, and db2stop programs. These binaries are typically installed setuid. As a result, a malicious local user may be capable of gaining elevate privileges.

[kf@RiotStarter adm]$ ./db2stop %n%n
Segmentation fault

Navigation

Suggest Exploit

Services By CQR