Denial of Service in IBM DB2 Universal Database

Aaron Newman of Application Security discovered that a Denial of Service (DoS) condition exists in IBM DB2 Universal Database. IBM DB2's UDP-based discovery service, listening on port 523, shut downs when it receives more than 20 bytes of data. After the discovery service crashes, the service requires a restart. IBM has released FixPak 10a to address this vulnerability.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.