The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT events by using a USERID and an AUTHID value corresponding to the instance owner, instead of a USERID and an AUTHID value corresponding to the logged-in user account, which makes it easier for remote authenticated users to execute Audit administration commands without discovery.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Db2 | Ibm | 9.5 (including) | 9.5 (including) |
| Db2 | Ibm | 9.5-fp1 (including) | 9.5-fp1 (including) |
| Db2 | Ibm | 9.5-fp2 (including) | 9.5-fp2 (including) |
| Db2 | Ibm | 9.5-fp2a (including) | 9.5-fp2a (including) |
| Db2 | Ibm | 9.5-fp3 (including) | 9.5-fp3 (including) |
| Db2 | Ibm | 9.5-fp3a (including) | 9.5-fp3a (including) |
| Db2 | Ibm | 9.5-fp3b (including) | 9.5-fp3b (including) |
| Db2 | Ibm | 9.5-fp4 (including) | 9.5-fp4 (including) |
| Db2 | Ibm | 9.5-fp4a (including) | 9.5-fp4a (including) |
| Db2 | Ibm | 9.5-fp5 (including) | 9.5-fp5 (including) |