AppDetectivePRO and DbProtect Knowledgebase Update – October 9. 2014

The next update to our AppDetectivePRO and DbProtect Knowledgebase is now available.

Knowledgebase version 4.41 includes checks for new vulnerabilities and configuration issues in SAP (Sybase) ASE, IBM DB2 z/OS, and Oracle. See below for highlights.

New Vulnerability and Configuration Check Highlights

SAP (Sybase) ASE

• Privilege escalation vulnerability and potential remote code execution via hacmpmsgxchg built-in procedure (CVE-2014-6283)

IBM DB2 z/OS

• PM05218: overlay of cache entry
• PM25115: storage overlay in CCB
• PM02841: abend during authorization check

Oracle

• Privilege to execute DBMS_BACKUP_RESTORE granted to PUBLIC
• Privilege to execute DBMS_JOB granted to PUBLIC
• Privilege to execute DBMS_LOB granted to PUBLIC
• Privilege to execute DBMS_OBFUSCATION_TOOLKIT granted to PUBLIC
• Privilege to execute DBMS_SQL granted to PUBLIC

How to Update?

All AppDetectivePRO and DbProtect customers can download and install the latest update from the Customer Support Portal. AppDetectivePRO customers can update their deployment by launching the "Updater" within the product.