Tag Archives: db2

Analysis of CVE-2012-0711 (IBM DB2 Integer Signedness Error)

It this post I’m going to analyse the details of CVE-2012-0711 (IBM’s security bulettin), an integer signedness bug, I’ve found in IBM DB2 Express-C a while ago. The description of the bug: “Integer signedness error in the db2dasrrm process in … Continue reading

Posted in Bugs, Security | Tagged , , , , , | Leave a comment

Analysis of ZDI-11-036, DB2DAS “ping of death”

In this post I try to analyse/reverse engineer ZDI-11-036, a buffer overflow, in the IBM DB2 administration service. We can check the advisory at ZDI for information about the vulnerability: The flaw exists within the db2dasrrm component which listens by … Continue reading

Posted in Security | Tagged , , , | 2 Comments