CVE-2003-0758

IBM DB2 Universal Data Base <7.2 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0758. PoCs published by Martinez Kuhn.

AI-analyzed exploit summary This exploit leverages a buffer overflow in the IBM DB2 db2dart utility to achieve local privilege escalation to root. The PoC uses a Perl one-liner to generate a long string of 'A' characters, which is then passed as an argument to the vulnerable utility.

Description

Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Martinez Kuhn · textdoslinux
https://www.exploit-db.com/exploits/23112

This exploit leverages a buffer overflow in the IBM DB2 db2dart utility to achieve local privilege escalation to root. The PoC uses a Perl one-liner to generate a long string of 'A' characters, which is then passed as an argument to the vulnerable utility.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: IBM DB2 v7.2 for Linux x86/s390
Auth required
Prerequisites: Local access · Authentication as db2as user
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/n-154.shtml
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/13218
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/8552
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106389919618721&w=2

Scores

EPSS 0.0111
EPSS Percentile 61.8%

Details

Status published
Products (1)
ibm/db2_universal_database 7.2
Published Oct 06, 2003
Tracked Since Feb 18, 2026