EUVD-2006-4245

Malware in sbrugna...

Apache Derby exposes user and password attributes

Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...

Information Disclosure

Apache Derby is vulnerable to information disclosure. A context-dependent attacker is able to retrieve the cleartext user and password attributes are exposed via the RDBNAM parameter of the ACCSEC command and the output of the DatabaseMetaData.getURL function...

CVE-2005-4849

Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...

CVE-2005-4849

Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...

[Full-disclosure] Details for BID 19586 - DB2 UDB Vulnerability

DB2 UDB - Handshake Protocol DoS Attack BID 19586 Background DB2 Universal Database UDBtm is a popular database software package from IBM available for legacy platforms as well as open systems Unix and Windows. Clients use a protocol called DRDA to communicate with the DB2 UDB server. Protocol...