FileMaker Pro Client Request User Passwords Remote Disclosure

The remote host is running a FileMakerPro server. There is a flaw in the design of the FileMakerPro server which makes the database authentication occur on the client side. A remote attacker could exploit this flaw to gain access to databases by connecting to this port with a rogue client. C...

FileMaker Pro network protocol sends passwords to any client attempting to connect to a shared database.

I recently discovered a serious bug in FileMaker Pro's database sharing. FileMaker have just released an advisory about this on their security pages: http://www.filemaker.com/support/security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: FileMaker Pro network protocol sends passwords to...

Filemaker Pro 5.0v3 and below does not adequately protect web-enabled databases

Overview FileMaker may expose data inadvertently. Description FileMaker Web Companion prior to version 5.0v4 permits unauthorized access to data even if the database manager believes that data is protected by Field Level Security. --- Impact Attackers can read information, including items such as...

CVE-2000-0386

The CVE-2000-0386 entry concerns FileMaker Pro 5 Web Companion, where remote attackers can send anonymous or forged email. The provided documents confirm this description but do not include deeper root-cause, affected versions, exploit details, or remediation. No explicit fix/version information ...

CVE-2000-0386

FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email...

CVE-2000-0385

FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities...

CVE-2000-0385

FileMaker Pro Web Companion (5.0v3 and earlier) exposes data by bypassing Field-Level Security via XML publishing or email, allowing unauthorized access. The CERT entry confirms attackers can read data thought protected. Remediation: upgrade to FileMaker Pro 5.0v4 or later as described by FileMak...

filemaker.pro5

/off topic: please in the list disable or add filter to your auto-reply/ from:http://www.blueworld.com/blueworld/news/05.01.00-FM5Sec urity.html .../... The precise details of how to exploit these holes is minimized to prevent compromising the integrity of all current Internet-accessible FileMake...

4ward:It's a blue world!

/off topic: please in the list disable or add filter to your auto-reply/ from:http://www.blueworld.com/blueworld/news/05.01.00-FM5Sec urity.html .../... The precise details of how to exploit these holes is minimized to prevent compromising the integrity of all current Internet-accessible FileMake...

Дыры в FileMaker Pro

Различные дырки позволяют непривилегированному пользователю получить доступ к внутренней ифнормации сервера, а так же несанкционированно использовать его почтовые возможности...

CVE-2000-0386

FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email...

CVE-2000-0385

FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities...