IBM has issued a patch to plug a critical flaw in its DB2 database management system that an attacker could exploit...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
to take complete control of a system.
The flaw was discovered in DB2 version 9.1 Fixpack 2 Enterprise server edition. A buffer overflow condition exists within the sysproc.auth_list_groups_for_authid function.
The discovery was made Ariel Sanchez of New York City-based database security vendor, Application Security Inc. The vendor issued an advisory Friday for the DB2 flaw after IBM released a fix.