IBM Support

IZ22190: Buffer overflow condition in DAS server code.

 

APAR status

  • Closed as program error.

Error description

  • There exists a buffer overflow condition in DAS server code,
    which might lead to DoS, Crash or arbitrary code execution.
    This problem was reported to IBM by Diego Bauche of Application
    Security Inc.

Local fix

  • No local fix is available.

Problem summary

  • ****************************************************************
    USERS AFFECTED:
    ALL
    ****************************************************************
    PROBLEM DESCRIPTION:
    There exists a buffer overflow condition in DAS server code,
    which might lead to DoS, Crash or arbitrary code execution.
    This problem was reported to IBM by Diego Bauche of Application
    Security Inc.
    ****************************************************************
    RECOMMENDATION:
    Upgrading to Version 9.5 Fix Pack 2 resolves the issue.
    ****************************************************************

Problem conclusion

  • Problem was fixed in Version 9.5 Fix Pack 2

Temporary fix

Comments

APAR Information

  • APAR number

    IZ22190

  • Reported component name

    DB2 UDB ESE AIX

  • Reported component ID

    5765F4100

  • Reported release

    950

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2008-05-12

  • Closed date

    2008-09-04

  • Last modified date

    2008-09-04

  • APAR is sysrouted FROM one or more of the following:

    IZ22004

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    DB2 UDB ESE AIX

  • Fixed component ID

    5765F4100

Applicable component levels

  • R950 PSY

       UP

Document information

More support for: DB2 for Linux, UNIX and Windows

Software version: 950

Reference #: IZ22190

Modified date: 04 September 2008