Vulnerability Description
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | 9.7 |
| Ibm | Tivoli Monitoring For Databases | All versions |
References
- http://securityreason.com/securityalert/8476
- http://www.nth-dimension.org.uk/downloads.php?id=77
- http://www.nth-dimension.org.uk/downloads.php?id=83Exploit
- http://www.securityfocus.com/archive/1/518659
- http://www.securityfocus.com/bid/48514Exploit
- http://www.securityfocus.com/bid/51181
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://securityreason.com/securityalert/8476
- http://www.nth-dimension.org.uk/downloads.php?id=77
- http://www.nth-dimension.org.uk/downloads.php?id=83Exploit
- http://www.securityfocus.com/archive/1/518659
- http://www.securityfocus.com/bid/48514Exploit
- http://www.securityfocus.com/bid/51181
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2011-4061?
CVE-2011-4061 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain ...
How severe is CVE-2011-4061?
CVE-2011-4061 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4061?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2, Ibm Tivoli Monitoring For Databases.