I'm getting one host in our DMZ (not running DB2 BTW) triggering
db2_discovery_DoS.nasl.
It reports:
results|xxx|1xxxxxxx|ibm-db2 (523/tcp)|11896|Security Hole|\nIt was
possible to crash the DB2 UDP based discovery service\nby sending a too
long packet.\n\nAn attacker may use this attack to make this service
crash \ncontinuously, preventing you from working
properly.\n\n\nSolution: upgrade your software - apply FixPack
10a\n\nRisk factor : Low\nCVE : CAN-2003-0827\n
It says "tcp", but the description states "udp". I tend to ignore udp
alerts due to the extreme FP rate - so this one freaked me out as it
said "tcp" :-)
This is Nessus-2.2.4
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
db2_discovery_DoS.nasl.
It reports:
results|xxx|1xxxxxxx|ibm-db2 (523/tcp)|11896|Security Hole|\nIt was
possible to crash the DB2 UDP based discovery service\nby sending a too
long packet.\n\nAn attacker may use this attack to make this service
crash \ncontinuously, preventing you from working
properly.\n\n\nSolution: upgrade your software - apply FixPack
10a\n\nRisk factor : Low\nCVE : CAN-2003-0827\n
It says "tcp", but the description states "udp". I tend to ignore udp
alerts due to the extreme FP rate - so this one freaked me out as it
said "tcp" :-)
This is Nessus-2.2.4
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1