CVE-2005-3643

Description

IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password.

Affected products

• ibm / db2_universal_database7.1 – 7.1
• ibm / db2_universal_database7.2 – 7.2
• ibm / db2_universal_database8.0 – 8.0
• ibm / db2_universal_database8.1 – 8.1
• ibm / db2_universal_database8.1.4 – 8.1.4
• ibm / db2_universal_database8.1.5 – 8.1.5
• ibm / db2_universal_database8.1.6 – 8.1.6
• ibm / db2_universal_database8.1.6c – 8.1.6c
• ibm / db2_universal_database8.1.7 – 8.1.7
• ibm / db2_universal_database8.1.7b – 8.1.7b
• ibm / db2_universal_database8.1.8 – 8.1.8
• ibm / db2_universal_database8.1.8a – 8.1.8a
• ibm / db2_universal_database8.1.9 – 8.1.9
• ibm / db2_universal_database8.1.9a – 8.1.9a

References

• MISChttp://www.ngssoftware.com/papers/database-on-xp.pdf
• MISChttp://www.securityfocus.com/bid/15452