cve-2008-0699
Vulnerability from cvelistv5
Published
2008-02-12 00:00
Modified
2024-08-07 07:54
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
},
{
"name": "20080418 Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491075/100/0/threaded"
},
{
"name": "IZ06972",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972"
},
{
"name": "IZ06973",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973"
},
{
"name": "IZ10917",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917"
},
{
"name": "28771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28771"
},
{
"name": "ADV-2008-0401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0401"
},
{
"name": "29784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29784"
},
{
"name": "29022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29022"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml"
},
{
"name": "41795",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
},
{
"name": "20080418 Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491075/100/0/threaded"
},
{
"name": "IZ06972",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972"
},
{
"name": "IZ06973",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973"
},
{
"name": "IZ10917",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917"
},
{
"name": "28771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28771"
},
{
"name": "ADV-2008-0401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0401"
},
{
"name": "29784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29784"
},
{
"name": "29022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29022"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml"
},
{
"name": "41795",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41795"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
"refsource": "CONFIRM",
"url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
},
{
"name": "20080418 Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491075/100/0/threaded"
},
{
"name": "IZ06972",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972"
},
{
"name": "IZ06973",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973"
},
{
"name": "IZ10917",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917"
},
{
"name": "28771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28771"
},
{
"name": "ADV-2008-0401",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0401"
},
{
"name": "29784",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29784"
},
{
"name": "29022",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29022"
},
{
"name": "http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml",
"refsource": "MISC",
"url": "http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml"
},
{
"name": "41795",
"refsource": "OSVDB",
"url": "http://osvdb.org/41795"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0699",
"datePublished": "2008-02-12T00:00:00",
"dateReserved": "2008-02-11T00:00:00",
"dateUpdated": "2024-08-07T07:54:22.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2008-0699\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-02-12T01:00:00.000\",\"lastModified\":\"2024-11-21T00:42:42.490\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no espec\u00edfica en el procedimiento ADMIN_SP_C (SYSPROC.ADMIN_SP_C) en DB2 UDB de IBM en versiones anteriores a la 8.2 Fixpak 16, versi\u00f3n 9.1 en versiones anteriores a la FP4a y versi\u00f3n 9.5 en versiones anteriores a laFP1 permite a usuarios autenticados remotamente ejecutar un c\u00f3digo arbitrario por medio de vectores de ataque no espec\u00edficos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":true,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"55ABF9A3-7776-4C0B-A6CC-45955E42DA1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp10:*:*:*:*:*:*\",\"matchCriteriaId\":\"68B64CBF-7A11-4AA9-8C44-77E891DD2446\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp11:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AEB3163-D0D0-4E43-AF64-479D4AEE90C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp12:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E3BC415-D3D2-48FC-9B6A-34596A371ACF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp13:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA84C4CF-D486-4D21-A909-C311BF70CE14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp14:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BC02E85-73EC-408B-A31E-F2DDFEA8EF13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp15:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7CB2C4F-A038-461E-9FAB-FA4186F83817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp16:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DA81141-A4CF-42AD-AFE4-6336AF77ED9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DF77950-22DE-4BA2-A10F-10953F6119E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"57F66472-61EC-4467-ACF6-2893BF9E4050\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"403EF6EC-9EEF-40F1-BA5C-F6211AADC9A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CE8E119-58C7-4BF0-9C74-93F44E4FC732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F16D689-D091-47AA-96EC-6B419D4A6CD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAEFCEBE-4CBC-4301-BEC6-9D9C9C3E0539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp8:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7130E8C-3D8D-4AAF-9D42-55236131989D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:8.2:fp9:*:*:*:*:*:*\",\"matchCriteriaId\":\"496D052A-CD28-4888-A59C-4F45E9F1471F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B28091A-8772-41DC-9D91-D5359CDDA7A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AF419E7-F2B5-4E2A-B85D-C0EC6C1DEA4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"95BBA3F1-C276-4C30-BFE5-9CE212BEBEFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:fp2a:*:*:*:*:*:*\",\"matchCriteriaId\":\"A39759EE-5166-4122-8EFD-93CD79909403\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DF01163-F805-4FC8-9836-462034D1B5CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*\",\"matchCriteriaId\":\"E570E88C-35F8-4E12-8121-20536AC8A0AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"757E30FB-2EFB-4B3D-9931-17D584D433A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/41795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/28771\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29022\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29784\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/491075/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0401\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/41795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/28771\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29022\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29784\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/491075/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.