IBM recently released patches for three security vulnerabilities affecting various versions of DB2 for Linux, Unix and Windows. This post will explore some more technical details of two of these vulnerabilities (CVE-2014-0907 and CVE-2013-6744) to help database administrators assess the risk of the vulnerabilities in the context of their own environment and design possible protections or workarounds. The post will also explain how to verify that a database is patched against these vulnerabilities using our AppDetectivePRO or DbProtect products.
more here...........http://blog.spiderlabs.com/2014/07/about-two-ibm-db2-luw-vulnerabilities-patched-recently.html
more here...........http://blog.spiderlabs.com/2014/07/about-two-ibm-db2-luw-vulnerabilities-patched-recently.html