DB2 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The Remote Command Server, DB2RCMD.EXE, listens on a named port DB2REMOTECMD. When a connection is made to the pipe a new process is created, db2rcmdc.exe, which executes the command with the privileges of the db2admin administrator account. This flaw may lead to a loss of Confidentiality, Integrity or Availability.

Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released Fixpak 5 to address this vulnerability.

• Secunia Advisory ID: 11086
• ISS X-Force ID: 15420
• CVE ID: 2004-0795 (see also: NVD)
• Metasploit ID: 4180
• Bugtraq ID: 9821
• Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107885081414173&w=2
• Other Advisory URL: http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894
  http://www.nextgenss.com/advisories/db2rmtcmd.txt
• Keyword: IBM APAR IY53894

• David Litchfield - davidngssoftware.com - NGSSoftware