Intrusion Prevention

IBM.DB2.Discover.Service.DoS

Description

It indicates a possible exploit of a denial of service vulnerability in the DB2 Discovery Service.
If a UDP packet larger than 20 bytes is received by the service, it will shut down. Affected services will need to be restarted to regain normal functionality.

Affected Products

IBM DB2 Universal Database for Windows 7.2
IBM DB2 Universal Database for Windows 7.1
IBM DB2 Universal Database for Solaris 7.2
IBM DB2 Universal Database for Solaris 7.1
IBM DB2 Universal Database for Linux 7.2
IBM DB2 Universal Database for Linux 7.1
IBM DB2 Universal Database for HP-UX 7.2
IBM DB2 Universal Database for HP-UX 7.1
IBM DB2 Universal Database for AIX 7.2
IBM DB2 Universal Database for AIX 7.1

Impact

Denial of service.

Recommended Actions

Apply DB2 version 7.2, FixPak 10a, available from the IBM Web site.
http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg27007053

CVE References

CVE-2003-0827