Untrusted Search Path Vulnerabilities in IBM DB2 Express Edition 9.7

Untrusted Search Path Vulnerabilities in IBM DB2 Express Edition 9.7

CVE-2011-4061 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header.

Learn more about our Cis Benchmark Audit For Ibm Db2.