Intrusion Prevention

IBM.DB2.Kuddb2.DoS

Description

This indicates an attack attempt to exploit a denial of service vulnerability in IBM DB2.
This issue is caused by an error in the vulnerable software when handling malformed client requests. It may allow remote attackers to crash vulnerable systems by sending a certain byte sequence.

Affected Products

IBM Tivoli Storage Manager 6.2.1
IBM Tivoli Storage Manager 6.2
IBM DB2 Universal Database 9.7

Impact

System Compromise: Remote attackers can crash vulnerable systems.

Recommended Actions

Refer to the vendor's web site for suggested workaround.
http://www-01.ibm.com/support/docview.wss?uid=swg1IC69118

CVE References

CVE-2010-0472