Boletines de Vulnerabilidades

IBM Security Bulletin: Escalation of Privilege Vulnerability in IBM® DB2® Stored Procedure Infrastructure on Windows (CVE-2013-6744)

Información sobre el sistema
   
Software afectado IBM

Descripción
Vulnerability in IBM DB2 for Linux, Unix and Windows could allow an authenticated user to obtain elevated privilege on Windows. CVE(s): CVE-2013-6744 Affected product(s) and affected version(s): The following IBM DB2 and DB2 Connect V9.1, V9.5, V9.7, V10.1 and V10.5 editions running on Windows are vulnerable. DB2 on AIX, Linux, HP and Solaris are not vulnerable. IBM DB2 Express Edition IBM DB2 Workgroup Server Edition IBM DB2 Enterprise Server Edition IBM DB2 Connect™ Application

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_escalation_of_privilege_vulnerability_in_ibm_db2_stored_procedure_infrastructure_on_windows_cve_2013_6744?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2013-6744 and CVE-2014-0114.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-05-27

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT