Vulnerabilities I found:

Two DoS vulnerabilities in IBM DB2 9.5 (CVE-2009-0172, CVE-2009-0173):

IZ36534: SECURITY: MALICIOUS CONNECT DATA STREAM CAN CAUSE DENIAL OF SERV ICE.

IZ39373: SECURITY: MALICOUS DATA STREAM CAN CAUSE THE DB2 SERVER TO TRAP.

my blog post about it

Oracle Critical Patch Update Advisory - April 2009

my blog post about CVE-2009-0991 Listener vulnerability

Oracle Critical Patch Update Advisory - July 2009

CVE-2009-1970 (CVSS 5.0): my blog post about CVE-2009-1970

CVE-2009-1963 (CVSS 7.5): my blog post about CVE-2009-1963

CVE-2009-1019 (CVSS 7.5): my blog post about CVE-2009-1019

CVE-2009-1020 (CVSS 9.0): my blog post about CVE-2009-1020

Oracle Critical Patch Update Advisory - October 2009

my blog post about CVE-2009-1979

Oracle Critical Patch Update Advisory - January 2010 (also listed among security-in-depth contributors)

my blog post about CVE-2010-0071

Oracle Critical Patch Update Advisory - July 2010

my blog post about CVE-2010-0911

Oracle Critical Patch Update Advisory - April 2011

Oracle Critical Patch Update Advisory - July 2011

Oracle Critical Patch Update Advisory - January 2012

my blog post about CVE-2012-0072

Oracle Critical Patch Update Advisory - July 2012

my blog post about three PoCs from CPUjul2012

2009/02/14 15:14:46 1.0a-525 gul
protocol.c,2.193,2.194
Bugfix: segfault on crafted input sequences,
possible remote DoS for multithread versions (win32 and OS/2).
Thanks to Dennis Yurichev.

CVS binkd history

packetstormsecurity.com

exploit-db.com

→ [back to the main page]