CVE-2003-0898

IBM DB2 <7.2 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0898. PoCs published by Juan Manuel Pascual Escribá.

AI-analyzed exploit summary This exploit leverages a symbolic link vulnerability in IBM DB2's db2job utility to overwrite sensitive files (e.g., /etc/passwd, /etc/shadow) with root privileges, enabling local privilege escalation. The script creates a malicious cron job to add a backdoor user with UID 0.

Description

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Juan Manuel Pascual Escribá · bashlocalunix
https://www.exploit-db.com/exploits/22988

This exploit leverages a symbolic link vulnerability in IBM DB2's db2job utility to overwrite sensitive files (e.g., /etc/passwd, /etc/shadow) with root privileges, enabling local privilege escalation. The script creates a malicious cron job to add a backdoor user with UID 0.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: IBM DB2 (versions affected by CVE-2003-0898)
Auth required
Prerequisites: Local access to a system with IBM DB2 installed · Membership in the db2asgrp group or access to db2as/db2inst1 accounts · db2job utility must be executable by the attacker
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106010332721672&w=2

Scores

EPSS 0.0057
EPSS Percentile 42.4%

Details

Status published
Products (2)
ibm/db2_universal_database 7.1
ibm/db2_universal_database < 8.0
Published Nov 17, 2003
Tracked Since Feb 18, 2026