|
|

CVE Reference: CVE-2009-1905 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-1905 |
|
|
Description: The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/50909 ST 1022319 SAID Secunia Advisory: SA31787 Secunia Advisory: SA35235 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21386689 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21318189 BID 35171 36540 AIXAPAR http://www-01.ibm.com/support/docview.wss?uid=swg1JR32273 http://www-01.ibm.com/support/docview.wss?uid=swg1JR32272 http://www-01.ibm.com/support/docview.wss?uid=swg1JR32268 |
|
| Return to the previous page. |
Not a customer already?Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance. |