Secunia

Some vulnerabilities and a security issue have been reported in IBM DB2, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious users or malicious people to cause a DoS (Denial of Service).

1) An unspecified error while processing a malformed "CONNECT" data stream can be exploited to cause the server to enter an infinite loop.

2) An unspecified error when processing certain malformed data streams can be exploited to cause a DoS.

Successful exploitation of this vulnerability requires authentication.

The vulnerabilities are reported in versions prior to 9.1 FP6a and 9.5 FP3a.

3) Multiple files under "INSTHOME/sqllib/adm" have the setgid bit set, which can be exploited to run certain processes with a privileged group id.

This security issue is reported in versions prior to 9.1 FP6.

4) An unspecified error related to DAS can be exploited to write to arbitrary files and gain root privileges.

This vulnerability is reported in versions prior to 9.5 FP3.

Solution
Apply patches.
Further details available in Customer Area

Provided and/or discovered by
1,2) Dennis Yurichev
3) Reported by the vendor.

Changelog
Further details available in Customer Area

Original Advisory
IBM (IZ36534, IZ37697, IZ39373, IZ39653, IZ26279):
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ36534
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39373
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ26279
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ32358

Dennis Yurichev:
http://blogs.conus.info/node/17

Deep Links
Links available in Customer Area