Vulnerability-Lookup

CERTA-2010-AVI-443

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans IBM DB2 permettent à un utilisateur malveillant de contourner la politique de sécurité.

Description

Deux vulnérabilités sont présentes dans IBM DB2 :

la suppression de droits au groupe PUBLIC n'est pas convenablement répercutée sur des fonctions d'accès aux objets de la base de données. Ce défaut permet à un utilisateur malveillant d'utiliser ces fonctions sans droits ;
si un utilisateur ayant les droits suffisants sur une table donnée exécute une instruction update dans une requête SQL compilée et mise en cache, tout utilisateur pourra exécuter cette instruction, même sans droit suffisant.

Solution

La version 9.7 Fix Pack 3 d'IBM DB2 remédie à ces vulnérabilités.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM DB2 version 9.7.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg2I446455 du 18 septembre 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eIBM DB2 version 9.7.\u003c/p\u003e",
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans IBM DB2\u00a0:\n\n-   la suppression de droits au groupe PUBLIC n\u0027est pas convenablement\n    r\u00e9percut\u00e9e sur des fonctions d\u0027acc\u00e8s aux objets de la base de\n    donn\u00e9es. Ce d\u00e9faut permet \u00e0 un utilisateur malveillant d\u0027utiliser\n    ces fonctions sans droits\u00a0;\n-   si un utilisateur ayant les droits suffisants sur une table donn\u00e9e\n    ex\u00e9cute une instruction update dans une requ\u00eate SQL compil\u00e9e et mise\n    en cache, tout utilisateur pourra ex\u00e9cuter cette instruction, m\u00eame\n    sans droit suffisant.\n\n## Solution\n\nLa version 9.7 Fix Pack 3 d\u0027IBM DB2 rem\u00e9die \u00e0 ces vuln\u00e9rabilit\u00e9s.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3474"
    },
    {
      "name": "CVE-2010-3475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3475"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-443",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-09-20T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences CVE.",
      "revision_date": "2010-09-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans IBM DB2 permettent \u00e0 un utilisateur malveillant\nde contourner la politique de s\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans IBM DB2",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg2I446455 du 18 septembre 2010",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21446455"
    }
  ]
}

CVE-2010-3474 (GCVE-0-2010-3474)

Vulnerability from cvelistv5 – Published: 2010-09-20 21:00 – Updated: 2024-08-07 03:11

Summary

IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which allows remote authenticated users to bypass intended access restrictions via calls to these functions, a different vulnerability than CVE-2009-3471.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/43291	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2010/2425	vdb-entryx_refsource_VUPEN
	http://www.securitytracker.com/id?1024457	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/41444	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/68121	vdb-entryx_refsource_OSVDB
	http://www.ibm.com/support/docview.wss?uid=swg21446455	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:11:44.230Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43291",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43291"
          },
          {
            "name": "oval:org.mitre.oval:def:14669",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14669"
          },
          {
            "name": "ibm-db2-public-security-bypass(61872)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61872"
          },
          {
            "name": "IC68015",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68015"
          },
          {
            "name": "ADV-2010-2425",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2425"
          },
          {
            "name": "1024457",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024457"
          },
          {
            "name": "41444",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41444"
          },
          {
            "name": "68121",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/68121"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21446455"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions\u0027 owners, which allows remote authenticated users to bypass intended access restrictions via calls to these functions, a different vulnerability than CVE-2009-3471."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "43291",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43291"
        },
        {
          "name": "oval:org.mitre.oval:def:14669",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14669"
        },
        {
          "name": "ibm-db2-public-security-bypass(61872)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61872"
        },
        {
          "name": "IC68015",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68015"
        },
        {
          "name": "ADV-2010-2425",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2425"
        },
        {
          "name": "1024457",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024457"
        },
        {
          "name": "41444",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41444"
        },
        {
          "name": "68121",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/68121"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21446455"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3474",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions\u0027 owners, which allows remote authenticated users to bypass intended access restrictions via calls to these functions, a different vulnerability than CVE-2009-3471."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43291",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43291"
            },
            {
              "name": "oval:org.mitre.oval:def:14669",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14669"
            },
            {
              "name": "ibm-db2-public-security-bypass(61872)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61872"
            },
            {
              "name": "IC68015",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68015"
            },
            {
              "name": "ADV-2010-2425",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2425"
            },
            {
              "name": "1024457",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024457"
            },
            {
              "name": "41444",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41444"
            },
            {
              "name": "68121",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/68121"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21446455",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21446455"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3474",
    "datePublished": "2010-09-20T21:00:00",
    "dateReserved": "2010-09-20T00:00:00",
    "dateUpdated": "2024-08-07T03:11:44.230Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3475 (GCVE-0-2010-3475)

Vulnerability from cvelistv5 – Published: 2010-09-20 21:00 – Updated: 2024-08-07 03:11

Summary

IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/43291	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2010/2425	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/41444	third-party-advisoryx_refsource_SECUNIA
	http://www.ibm.com/support/docview.wss?uid=swg21446455	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://osvdb.org/68122	vdb-entryx_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securitytracker.com/id?1024458	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:11:44.338Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43291",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43291"
          },
          {
            "name": "ADV-2010-2425",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2425"
          },
          {
            "name": "ibm-db2-sql-security-bypass(61873)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61873"
          },
          {
            "name": "41444",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41444"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21446455"
          },
          {
            "name": "IC70406",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406"
          },
          {
            "name": "68122",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/68122"
          },
          {
            "name": "oval:org.mitre.oval:def:14609",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609"
          },
          {
            "name": "1024458",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024458"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "43291",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43291"
        },
        {
          "name": "ADV-2010-2425",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2425"
        },
        {
          "name": "ibm-db2-sql-security-bypass(61873)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61873"
        },
        {
          "name": "41444",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41444"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21446455"
        },
        {
          "name": "IC70406",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406"
        },
        {
          "name": "68122",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/68122"
        },
        {
          "name": "oval:org.mitre.oval:def:14609",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609"
        },
        {
          "name": "1024458",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024458"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3475",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43291",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43291"
            },
            {
              "name": "ADV-2010-2425",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2425"
            },
            {
              "name": "ibm-db2-sql-security-bypass(61873)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61873"
            },
            {
              "name": "41444",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41444"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21446455",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21446455"
            },
            {
              "name": "IC70406",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406"
            },
            {
              "name": "68122",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/68122"
            },
            {
              "name": "oval:org.mitre.oval:def:14609",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609"
            },
            {
              "name": "1024458",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024458"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3475",
    "datePublished": "2010-09-20T21:00:00",
    "dateReserved": "2010-09-20T00:00:00",
    "dateUpdated": "2024-08-07T03:11:44.338Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2010-AVI-443

Description

Solution

CVE-2010-3474 (GCVE-0-2010-3474)

CVE-2010-3475 (GCVE-0-2010-3475)

Tags

Sightings

Nomenclature