CVE-2004-0795

DB2 8.1 - Privilege Escalation

Title source: llm

Description

DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.

Exploits (1)

metasploit WORKING POC

by MC · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/db2/db2rcmd.rb

View Code ZIP pw:eip

References (5)

[Mailing List] http://marc.info/?l=bugtraq&m=107885081414173&w=2

[Vendor Advisory] http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/9821

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15420

[Various Sources] http://www.nextgenss.com/advisories/db2rmtcmd.txt

Scores

EPSS 0.3191

EPSS Percentile 96.7%

Classification

Status draft

Affected Products (1)

ibm/db2_universal_database

Timeline

Published Oct 20, 2004

Tracked Since Feb 18, 2026