IBM DB2 Insecure DMS Directory Permissions Vulnerability

info
discussion
exploit
solution
references

IBM DB2 Insecure DMS Directory Permissions Vulnerability

IBM DB2 creates DMS (Database Managed Space) directories with world-writeable permissions (mode 777). Malicious local users could take advantage of this issue to delete or tamper with files in these directories.

This issue was reported to exist on AIX releases of the software.