Critical flaw discovered in IBM DB2 Staff

IBM has issued a patch to plug a critical flaw in its DB2 database management system that an attacker could exploit to take complete control of a system.

The flaw was discovered in DB2 version 9.1 Fixpack 2 Enterprise server edition. A buffer overflow condition exists within the sysproc.auth_list_groups_for_authid function.

The discovery was made Ariel Sanchez of New York City-based database security vendor, Application Security Inc. The vendor issued an

    Requires Free Membership to View

advisory Friday for the DB2 flaw after IBM released a fix.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: