CVE-2006-3066

Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection.

Published: Jun 19, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-3066
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / db2_universal_database	8.1.4	8.1.4.x
ibm / db2_universal_database	8.1.6	8.1.6.x
ibm / db2_universal_database	8.1	8.1.x
ibm / db2_universal_database	8.1.8a	8.1.8a.x
ibm / db2_universal_database	8.1.6c	8.1.6c.x
ibm / db2_universal_database	8.1.8	8.1.8.x
ibm / db2_universal_database	8.1.7b	8.1.7b.x
ibm / db2_universal_database	8.0	8.0.x
ibm / db2_universal_database	8.1.5	8.1.5.x
ibm / db2_universal_database	8.1.7	8.1.7.x
ibm / db2_universal_database	8.1.9a	8.1.9a.x
ibm / db2_universal_database	8.1.9	8.1.9.x
ibm / db2_universal_database	-	8.10.x

Vulnerability Database

289,697

CVE-2006-3066