Lists & Awards

Top Articles

Link to AI 50 List

AI 50 List

Channel Insider's editorial team spotlights the top AI leaders from MSPs, vendors, and channel businesses delivering measurable outcomes.

Link to CML 100 Honorees

CML 100 Honorees

Check out our CML 100 List to discover the top channel marketing individuals who are transforming channel marketing for their organizations.

Link to HSP 250 List

HSP 250 List

View our HSP250 list to see the top Hybrid Solution Providers that have proactively embraced the future of tech.

Link to The 2024 Channel Insider VIP List

The 2024 Channel Insider VIP List

Channel Insider sought nominations from IT vendors, solution providers, and partners to highlight impactful collaborations. Check out our top choices here.
About About

News and Trends

SHARE

IBM Issues Patch for DB2 Security Flaw

IBM Corp. has issued a patch for a DB2 database vulnerability that, left undetected, could let an intruder compromise administration privileges for DB2 8.1 Enterprise Edition on Microsoft Windows. To exploit the DB2 flaw, all that is required by a perpetrator is a user ID and password. Through a guest account, an attacker could run […]

Written By

Mar 10, 2004

Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

IBM Corp. has issued a patch for a DB2 database vulnerability that, left undetected, could let an intruder compromise administration privileges for DB2 8.1 Enterprise Edition on Microsoft Windows.

To exploit the DB2 flaw, all that is required by a perpetrator is a user ID and password. Through a guest account, an attacker could run commands as an administrator because the Remote Command Server does not drop privileges, said David Litchfield, managing director at London-based Next Generation Security Software Ltd.

According to Litchfield, the Remote Command Server listens on a named pipe, where a small “conversation” takes place when a user connects and sends commands down the pipe. DB2 will then execute that command upon request.

Officials of Armonk, N.Y.-based IBM said no DB2 users have been affected by the vulnerability. Litchfield, however, said the threat to an organization is very real and should be properly addressed.

IBM has included a fix for the DB2 8.1 Enterprise Edition problem in Fixpak 5 at its DB2 technical support Web site.

Click here for the full story.

Brian Fonseca

Recommended for you...

Gigamon Unveils Agentic AI App to Boost IT Productivity

Gigamon Unveils Agentic AI App to Boost IT Productivity

Gigamon Insights brings AI-driven security, compliance, and observability with integrations for AWS, Elastic, and Splunk.

Sep 16, 2025

Sentra Releases Security Guardrail Tooling for Copilot Users

Sentra Releases Security Guardrail Tooling for Copilot Users

Sentra launches Copilot security for Microsoft 365: MPIP auto-labeling, access governance, and Purview DLP integration to protect sensitive data.

Victoria Durgin

Sep 16, 2025

BlackFog & Exertis Enterprise Ink Distribution Deal

Channel Business

BlackFog & Exertis Enterprise Ink Distribution Deal

BlackFog partners with Exertis Enterprise to bring ADX on-device data-exfiltration protection to UK & mainland Europe channel partners & resellers.

Victoria Durgin

Sep 16, 2025

Proofpoint Intros Agentic AI-Based Compliance Offering

Proofpoint Intros Agentic AI-Based Compliance Offering

Proofpoint debuts AI-powered HCI to monitor 80+ channels, enabling enterprises to detect, interpret, and prevent compliance risks in real time.

Sep 16, 2025

Channel Insider combines news and technology recommendations to keep channel partners, value-added resellers, IT solution providers, MSPs, and SaaS providers informed on the changing IT landscape. These resources provide product comparisons, in-depth analysis of vendors, and interviews with subject matter experts to provide vendors with critical information for their operations.

Company

About us Contact us Advertise with us

Categories

Channel Business Security AI Infrastructure Lists & Awards

Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information