IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Db2 | Ibm | 9.0 (including) | 9.0 (including) |
| Db2_universal_database | Ibm | 6.0 (including) | 6.0 (including) |
| Db2_universal_database | Ibm | 7.0 (including) | 7.0 (including) |
| Db2_universal_database | Ibm | 7.1 (including) | 7.1 (including) |
| Db2_universal_database | Ibm | 7.2 (including) | 7.2 (including) |
| Db2_universal_database | Ibm | 8.0 (including) | 8.0 (including) |
| Db2_universal_database | Ibm | 8.1 (including) | 8.1 (including) |
| Db2_universal_database | Ibm | 8.2 (including) | 8.2 (including) |