Signature Detail

Short Name	DB:DB2:INVALID-DATA-STREAM-DOS
Severity	High
Recommended	No
Recommended Action	Drop
Category	DB
Keywords	IBM DB2 Database Server Invalid Data Stream Denial of Service (CVE-2009-0173)
Release Date	2013/04/03
Update Number	2251
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DB: IBM DB2 Database Server Invalid Data Stream Denial of Service (CVE-2009-0173)

This signature detects attempts to exploit a known vulnerability against IBM DB2 Database. A successful attack can result in a denial-of-service condition.

Extended Description

IBM DB2 is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to crash the server and deny service to legitimate users. These issues affect versions prior to DB2 9.1 FP6a, 9.5 FP3a, and 8.1 FP17a.

Affected Products

IBM DB2 Universal Database 8.1
IBM DB2 Universal Database 8.2
IBM DB2 Universal Database 9.1
IBM DB2 Universal Database 9.1 Fix Pack 4A
IBM DB2 Universal Database 9.1 Fix Pack 6
IBM DB2 Universal Database 9.1 Fix Pack 6A
IBM DB2 Universal Database 9.5
IBM DB2 Universal Database 9.5 Fix Pack 1
IBM DB2 Universal Database 9.5 Fix Pack 3a
IBM DB2 Universal Database 9.5 Fixpak 2

References

BugTraq: 33258
CVE: CVE-2009-0173

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

DB: IBM DB2 Database Server Invalid Data Stream Denial of Service (CVE-2009-0173)

Extended Description

Affected Products

References