Threat Finder

Threat ID
519
Threat Date
08/06/2007
Threat Name
Date/Varchar DoS
CVE Reference
CVE-2001-0052
CCE Reference
CCE-NO-MATCH
Risk
Low
Database Type
IBM DB2
Category
Patchable Vulnerabilities
Versions
IBM DB 6 and 7 on Windows
Summary
A denial of service vulnerability was discovered in the query processor. When running a specially-formatted SELECT statement, the database crashes.
Overview
DB2 provides a version of SQL with complex procedural extensions. This gives users of DB2 the ability to create stored procedures with complex logic. The SQL is compiled by the Query Compiler engine.

A normal user may be able to crash the database by executing a malicious query. If a query contains a datetime type and varchar type, the database has a problem processing the query and ceases to function. This error occurs when the following query was executed and compiled.

SELECT * FROM EMPLOYEE WHERE YEAR(BIRTHDATE)=1999 AND FIRSTNME<''

Handling of the YEAR function crashes causing the database to stop.
References
http://online.securityfocus.com/archive/1/149207
http://online.securityfocus.com/bid/2067
http://www.iss.net/security_center/static/5664.php
http://www.safermag.com/html/safer32/alerts/67.html
VMSKey
STIGID

Additional information including fix script information is available in the licensed versions of Application Security's DbProtect and AppDetectivePro solutions.

Powered by