Application Defense Center Submitted Client-Server Protocol Flaw to IBM; Fixpack Patch Released

WHO:

Imperva Application Defense Center (ADC)

WHAT:

Discovered a client-server protocol vulnerability in IBM DB2 version 8 databases that enables any attacker with network access to the database server to take down or even run arbitrary code on the server’s machine. The severity of this flaw is magnified by the fact that it does not require database credentials in order to be exploited. In addition, since this is a network level flaw, attacks elude DB2’s built-in auditing mechanism. IBM released Fixpack 12 on May 12th which addresses this and other vulnerabilities. The Imperva SecureSphere Database Security Gateway automatically protects IBM DB2 version 8 databases against this vulnerability. These protection capabilities are outlined in the Imperva Security Advisory entitled “DB2 RDBMS – Critical Buffer Overrun Vulnerability”.

WHERE:

WHEN:

IBM released APAR IY84096 on May 30th, 2006.

HOW:

ADC conducts ongoing research into database security issues, and discovered this vulnerability as part of its inspection of database access protocols. ADC’s research findings are used to enhance the SecureSphere product line with next generation attack detection and protection features.

About the Imperva Application Defense Center

Imperva’s Application Defense Center (ADC) is a research and professional services organization dedicated to building the most advanced application security knowledge base in the world. The ADC has over 20 years combined experience in application and database security research. ADC research combines extensive lab work with hands-on practice in real world environments. ADC findings include the discovery of over 50 commercial application vulnerabilities of which 18 have been published.

About Imperva

Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com.

# # #

Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact

Marc Gendron
(781) 237-0341
marc@mqpr.net