1. CVE-Search
  2. CVE-2006-3066
ID CVE-2006-3066
Summary Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection. This vulnerability is addressed in the following product release: IBM, DB2 Universal Database, 8.12
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:-:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp_ux:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp_ux:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2_universal_database:8.10:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2_universal_database:8.10:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-10-2018 - 16:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
aixapar IY84096
bid 18428
bugtraq 20060906 Details for BID 18428
osvdb 29861
secunia 20579
vupen ADV-2006-2332
Last major update 18-10-2018 - 16:45
Published 19-06-2006 - 10:02
Last modified 18-10-2018 - 16:45
Back to Top