Unintended Password Length Limit in IBM DB2 UDB 9.5 Allows Brute-Force Attacks

Unintended Password Length Limit in IBM DB2 UDB 9.5 Allows Brute-Force Attacks

CVE-2010-3734 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, and Windows enforces an unintended limit on password length, which makes it easier for attackers to obtain access via a brute-force attack.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.