CVE-2011-4061 - Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Ed

CVE-2011-4061

Summary

Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

References

Vulnerable Configurations

cpe:2.3:a:ibm:db2:9.7:*:express:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:express:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_monitoring_for_databases:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_monitoring_for_databases:*:*:*:*:*:*:*:*

CVSS

Base:	6.9 (as of 11-10-2018 - 10:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

oval via4

accepted

2013-07-29T04:00:07.792-04:00

class

vulnerability

contributors

name Scott Quint
organization DTCC
name Maria Kedovskaya
organization ALTX-SOFT

definition_extensions

comment	IBM DB2 UDB is installed
oval	oval:org.mitre.oval:def:12505

description

family

windows

oval:org.mitre.oval:def:14063

status

accepted

submitted

2011-12-16T09:52:00.000-05:00

title

version

refmap via4

bid	48514 51181
bugtraq	20110629 Breaking the links: Exploiting the linker
misc	http://www.nth-dimension.org.uk/downloads.php?id=77 http://www.nth-dimension.org.uk/downloads.php?id=83
sreason	8476

Last major update

11-10-2018 - 10:29

Published

18-10-2011 - 01:55

Last modified

11-10-2018 - 10:29