CVE-2003-0898

IBM DB2 <7.2 - Privilege Escalation

Title source: llm

Description

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Juan Manuel Pascual EscribÃ¡ · bashlocalunix

https://www.exploit-db.com/exploits/22988

View Code ZIP pw:eip

References (2)

[Various Sources] ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt

[Mailing List] http://marc.info/?l=bugtraq&m=106010332721672&w=2

Scores

EPSS 0.0271

EPSS Percentile 85.9%

Details

Status published

Products (2)

ibm/db2_universal_database 7.1

ibm/db2_universal_database < 8.0

Published Nov 17, 2003

Tracked Since Feb 18, 2026