===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1625
 Security Bulletin: IBM InfoSphere Balanced Warehouse, IBM Smart Analytics
System and IBM PureData System for Operational Analytics are affected by an
    IBM DB2 LUW denial of service vulnerability (CVE-2014-3095) and IBM
InfoSphere Balanced Warehouse, IBM Smart Analytics System and IBM PureData
 System for Operational Analytics are affected by an IBM DB2 LUW denial of
 service vulnerability in ALTER MODULE statement handling (CVE-2014-3094)
                             19 September 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM InfoSphere Balanced Warehouse
                   IBM Smart Analytics System
                   IBM PureData System for Operational Analytics
Publisher:         IBM
Operating System:  AIX
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-3095 CVE-2014-3094 

Reference:         ESB-2014.1490

Original Bulletin: 
   http://www-01.ibm.com/support/docview.wss?uid=swg21683297
   http://www-01.ibm.com/support/docview.wss?uid=swg21683296

Comment: This bulletin contains two (2) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: IBM InfoSphere Balanced Warehouse, IBM Smart Analytics 
System and IBM PureData System for Operational Analytics are affected by an 
IBM DB2 LUW denial of service vulnerability (CVE-2014-3095)

Security Bulletin

Document information

More support for:
PureData System for Operational Analytics
A1791

Software version:
1.0

Operating system(s):
AIX

Reference #:
1683297

Modified date:
2014-09-17


Summary

The IBM InfoSphere Balanced Warehouse C3000, C4000, D5100, IBM Smart 
Analytics System 1050, 2050, 5600, 5710, 7600, 7700, 7710 and IBM PureData 
System for Operational Analytics ship with either IBM DB2 Version 9.7 or 
Version 10.1. The IBM DB2 SQL engine contains a denial of service 
vulnerability that a malicious user could exploit to cause a disruption of 
service.

Vulnerability Details

CVE-ID: CVE-2014-3095

DESCRIPTION:
IBM DB2 contains a denial of service vulnerability. A remote, authenticated 
user could use a specially-crafted SELECT statement with a subquery 
containing a UNION to crash the DB2 server and cause a disruption of service.

CVSS:
CVSS Base Score: 3.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/94263 
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Affected Products and Versions

IBM InfoSphere Balanced Warehouse C3000
IBM InfoSphere Balanced Warehouse C4000
IBM InfoSphere Balanced Warehouse D5100
IBM Smart Analytics System 1050
IBM Smart Analytics System 2050
IBM Smart Analytics System 5600
IBM Smart Analytics System 5710
IBM Smart Analytics System 7600
IBM Smart Analytics System 7700
IBM Smart Analytics System 7710
IBM PureData System for Operational Analytics A1791

Remediation/Fixes

Find your IBM InfoSphere Balanced Warehouse, IBM Smart Analytics System, or 
IBM PureData System for Operational Analytics product in the table below and 
contact IBM Support with an APAR number to request a special build containing 
an interim fix.

For more information about IBM IDs, see the Help and FAQ.

Product                                               Affected Component   APAR      Download Link
IBM InfoSphere Balanced Warehouse C3000               DB2 V9.7             IT02645   Contact IBM Support
IBM InfoSphere Balanced Warehouse C4000               DB2 V9.7             IT02645   Contact IBM Support
IBM InfoSphere Balanced Warehouse D5100               DB2 V9.7             IT02645   Contact IBM Support
IBM Smart Analytics System 1050                       DB2 V9.7             IT02645   Contact IBM Support
IBM Smart Analytics System 2050                       DB2 V9.7             IT02645   Contact IBM Support
IBM Smart Analytics System 5600                       DB2 V9.7             IT02645   Contact IBM Support
                                                      DB2 V10.1            IT02646   Contact IBM Support
IBM Smart Analytics System 5710                       DB2 V9.7             IT02645   Contact IBM Support
IBM Smart Analytics System 7600                       DB2 V9.7             IT02645   Contact IBM Support
IBM Smart Analytics System 7700                       DB2 V9.7             IT02645   Contact IBM Support
IBM Smart Analytics System 7710                       DB2 V9.7             IT02645   Contact IBM Support
IBM PureData System for Operational Analytics A1791   DB2 V10.1            IT02646   Contact IBM Support

Additional Information (all rows): Security Bulletin: IBM DB2 LUW contains 
a denial of service vulnerability using a SELECT statement with a subquery 
containing a UNION (CVE-2014-3095)

Contact IBM Support:
In the United States and Canada dial 1-800-IBM-SERV
View the support contacts for other countries outside of the United States.
Electronically open a Service Request with IBM Support.

Workarounds and Mitigations

None

References
Complete CVSS Guide
On-line Calculator V2

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

September 17, 2014: Original version published.

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact 
of this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- ----------------------------------------------------------------------

Security Bulletin: IBM InfoSphere Balanced Warehouse, IBM Smart Analytics 
System and IBM PureData System for Operational Analytics are affected by an 
IBM DB2 LUW denial of service vulnerability in ALTER MODULE statement 
handling (CVE-2014-3094)

Security Bulletin

Document information

More support for:
PureData System for Operational Analytics
A1791

Software version:
1.0

Operating system(s):
AIX

Reference #:
1683296

Modified date:
2014-09-17


Summary

The IBM InfoSphere Balanced Warehouse C3000, C4000, D5100, IBM Smart 
Analytics System 1050, 2050, 5600, 5710, 7600, 7700, 7710 and IBM PureData 
System for Operational Analytics ship with either IBM DB2 Version 9.7 or 
Version 10.1. IBM DB2 is vulnerable to a stack buffer overflow, caused by 
improper bounds checking in the handling of the ALTER MODULE statement.

Vulnerability Details

CVE ID: CVE-2014-3094

DESCRIPTION:
DB2 is vulnerable to a stack buffer overflow attack, caused by improper 
bounds checking in the handling of ALTER MODULE statements. A remote, 
authenticated user could overflow a buffer and execute arbitrary code with 
DB2 instance owner privileges, thereby causing the server to crash.

CVSS:
CVSS Base Score: 8.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/94260 
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:C/I:C/A:C)

Affected Products and Versions

IBM InfoSphere Balanced Warehouse C3000
IBM InfoSphere Balanced Warehouse C4000
IBM InfoSphere Balanced Warehouse D5100
IBM Smart Analytics System 1050
IBM Smart Analytics System 2050
IBM Smart Analytics System 5600
IBM Smart Analytics System 5710
IBM Smart Analytics System 7600
IBM Smart Analytics System 7700
IBM Smart Analytics System 7710
IBM PureData System for Operational Analytics A1791

Remediation/Fixes

Find your IBM InfoSphere Balanced Warehouse, IBM Smart Analytics System, or 
IBM PureData System for Operational Analytics product in the table below and 
contact IBM Support with an APAR number to request a special build containing 
an interim fix.

For more information about IBM IDs, see the Help and FAQ.

Product                                               Affected Component   APAR      Download Link
IBM InfoSphere Balanced Warehouse C3000               DB2 V9.7             IT02592   Contact IBM Support
IBM InfoSphere Balanced Warehouse C4000               DB2 V9.7             IT02592   Contact IBM Support
IBM InfoSphere Balanced Warehouse D5100               DB2 V9.7             IT02592   Contact IBM Support
IBM Smart Analytics System 1050                       DB2 V9.7             IT02592   Contact IBM Support
IBM Smart Analytics System 2050                       DB2 V9.7             IT02592   Contact IBM Support
IBM Smart Analytics System 5600                       DB2 V9.7             IT02592   Contact IBM Support
                                                      DB2 V10.1            IT02593   Contact IBM Support
IBM Smart Analytics System 5710                       DB2 V9.7             IT02592   Contact IBM Support
IBM Smart Analytics System 7600                       DB2 V9.7             IT02592   Contact IBM Support
IBM Smart Analytics System 7700                       DB2 V9.7             IT02592   Contact IBM Support
IBM Smart Analytics System 7710                       DB2 V9.7             IT02592   Contact IBM Support
IBM PureData System for Operational Analytics A1791   DB2 V10.1            IT02593   Contact IBM Support

Additional Information (all rows): Security Bulletin: IBM DB2 LUW contains 
a denial of service vulnerability in ALTER MODULE statement handling. 
(CVE-2014-3094)

Contact IBM Support:
In the United States and Canada dial 1-800-IBM-SERV
View the support contacts for other countries outside of the United States.
Electronically open a Service Request with IBM Support.

Workarounds and Mitigations

None

References
Complete CVSS Guide
On-line Calculator V2

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

September 17, 2014: Original version published.

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact 
of this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================