Re: About DB2 DoS (BID 3010)

From: Michel Arboi (arboiat_private)
Date: Wed Feb 06 2002 - 10:32:22 PST

Next message: Michel Arboi: "BlackIce DoS"

Previous message: Michel Arboi: "About DB2 DoS (BID 3010)"
In reply to: Michel Arboi: "About DB2 DoS (BID 3010)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Investigations going on...
The advisory is imprecise: sending one byte on port 6789 will not always
kill db2jds.exe (= DB2 JDBC Applet Server).
I did a few trials. db2jds may be killed by find_services,
db2_dos.nasl, or miscflood.nasl 

So, you may run db2_dos.nasl, but if it does not kill DB2 does not
mean that you are not vulnerable.

Here is an enhanced (?) version of the script, but it does not seem to
be enough to kill the service anyway.

text/plain attachment: DB2 DoS imperfect test

Next message: Michel Arboi: "BlackIce DoS"
Previous message: Michel Arboi: "About DB2 DoS (BID 3010)"
In reply to: Michel Arboi: "About DB2 DoS (BID 3010)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 06 2002 - 10:32:31 PST