IBM has issued a patch to plug a critical flaw in its DB2 database management system that an attacker could exploit...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
to take complete control of a system.
The flaw was discovered in DB2 version 9.1 Fixpack 2 Enterprise server edition. A buffer overflow condition exists within the sysproc.auth_list_groups_for_authid function.
The discovery was made Ariel Sanchez of New York City-based database security vendor, Application Security Inc. The vendor issued an advisory Friday for the DB2 flaw after IBM released a fix.