From: rob@xxxxxxxxx

This link points to a hack for DB2 UDB on Unix, Linux and Windows. Hey,
if it was only Windows I would leave it at that, but is there a matching
apar for i5/os?
http://www-1.ibm.com/support/docview.wss?uid=swg1IY97750


Can't happen on i5/OS. The key words are "specially crafted" and "stack
overflow" which signify a standard LUW (Linux/Unix/Windows) exploit of
sending your own code in a data buffer and then tricking the server into
executing it. In order to accomplish this, you have to be able to set the
program execution pointer to a data space, and that basically isn't possible
in i5/OS.

Whenever you see the terms mentioned above (and/or "remote code execution")
you can be assured that it's yet another LUW-only exploit, and that i5/OS as
usual is completely safe (and thus needs no fixes).

Joe


This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].