Two Major Databases Spring Security Leaks
The security firm Application Security Inc. reported this week that IBM's DB2 Universal Database and MySQL AB's MySQL open-source database have a total of three vulnerabilities that range from low- to high-risk levels.

The first DB2 weakness is a buffer overflow in db2dart. This entails a UDP service used for discovery of DB2 databases on a network. The UDP service is overwhelmed when more than 20 bytes of information are sent.

All versions of DB2 are affected, although the risk level is only medium. The fix is IBM's FixPak 10a, available here.

DB2's second new weakness is a vulnerability to denial-of-service attacks in its discovery service. This is a service used in turn to locate another service when configuring connections. Again, if a packet larger than 20 bytes comes in to the server, the service shuts down.

This vulnerability also affects all versions of DB2. The second DB2 flaw has a low risk level. The fix is available here.

The MySQL database has potential for a buffer overflow in its "get_salt_from_password" function. This is a serious risk, and it affects all versions of MySQL. According to Newman, a malicious user could grant him- or herself administrative privi-leges and then use the function to trigger a buffer overflow.

http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/download.d2w/report

http://www.mysql.com/downloads/mysql-4.0.html

http://www.mysql.com/downloads/mysql-3.23.html

http://www.eweek.com/article2/0,4149,1306270,00.asp