IBM Issues Patch For DB2 'Viper' Security Flaw
The flaw in one of the latest releases could allow local users to write to, or alter, any file on a company's system.
IBM has released a patch to fix a security vulnerability affecting the Unix, Windows and Linux versions of its DB2 9.1 database software -- previously, code-named Viper.
IBM says there is no workaround for the flaw and that if users don't apply the patch their system "is susceptible to a security vulnerability," according to a statement currently posted on IBM's Web site.
IBM says the flaw could allow local users to write to, or alter, any file on a company's system.
The same vulnerability exists in DB2 version 8, IBM cautions. However, a fix for that version won't be available until April, IBM says.
Released back in June 2006, DB2 9 is touted as an improvement over previous versions as it was designed as more of a self-governing, self-fixing database system that can self-tune the amount of memory assigned to a database.
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
Aug 15, 20242024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022