CVE-2011-4061
Priority
Medium
Description
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2)
kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli
Monitoring for Databases: DB2 Agent, allow local users to gain privileges
via a Trojan horse libkbb.so in the current working directory, related to
the DT_RPATH ELF header.
kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli
Monitoring for Databases: DB2 Agent, allow local users to gain privileges
via a Trojan horse libkbb.so in the current working directory, related to
the DT_RPATH ELF header.
References
Notes
tyhicks> Fixed in 9.7 FP6
Package
| Upstream: | released (9.7 FP6) |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needed |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | needed |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
Patches:
| Upstream: | http://www-01.ibm.com/support/docview.wss?uid=swg24032754 |