Vulnerability Details : CVE-2004-0795
DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.
Exploit prediction scoring system (EPSS) score for CVE-2004-0795
Probability of exploitation activity in the next 30 days: 2.08%
Metasploit modules for CVE-2004-0795
IBM DB2 db2rcmd.exe Command Execution VulnerabilityDisclosure Date : 2004-03-04auxiliary/admin/db2/db2rcmdThis module exploits a vulnerability in the Remote Command Server component in IBM's DB2 Universal Database 8.1. An authenticated attacker can send arbitrary commands to the DB2REMOTECMD named pipe which could lead to administrator privileges. Authors: - MC <[email protected]>
CVSS scores for CVE-2004-0795
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|