Showing 1 - 3 of 3

Files from Ariel Sanchez

First Active	2007-09-01
Last Active	2008-09-16

shatter-db2overrrun.txt: Posted Sep 16, 2008; Authored by Ariel Sanchez | Site appsecinc.com; Team SHATTER Security Advisory - The XMLQUERY and XMLEXISTS functions are vulnerable to a stack based buffer overflow by passing an overly long parameter. The XMLQUERY and XMLEXISTS functions are installed by default. IBM DB2 Database Server versions 9.1 and 9.5 on the Windows platform are affected.; tags | advisory, overflow; systems | windows; advisories | CVE-2008-3854; SHA-256 | 5efd448731a6482ab43eb286aea980a1d038f94b64579c7415920afbcf71422a; Download | Favorite | View

jar-dos.txt: Posted Apr 18, 2008; Authored by Ariel Sanchez | Site appsecinc.com; Team SHATTER Security Advisory - DB2 has multiple vulnerabilities which can lead to Denial of Service (DoS) attacks against the instance. When RECOVERJAR and REMOVE_JAR procedures are called with a specially crafted parameter the DB2 instance crashes. Any DB2 database user can exploit these vulnerabilities since PUBLIC permissions are granted to both procedures by default. The RECOVERJAR and REMOVE_JAR procedures are installed by default.; tags | advisory, denial of service, vulnerability; SHA-256 | 5280bf4da364de375bca4cf60fe5cf84e0b8fd71425f3b82edd5b2f002180611; Download | Favorite | View

appsec-ibmdb2.txt: Posted Sep 1, 2007; Authored by Ariel Sanchez | Site appsecinc.com; IBM DB2 version 9.1 Fixpack 2 Enterprise server edition suffers from a buffer overflow vulnerability in sysproc.auth_list_groups_for_authid.; tags | advisory, overflow; SHA-256 | 2b0c1a893ee97b65a68ec49d7bf81f101d7a1cb13d7e93a4c077de66f58671e9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days