184 matches found
IBM DB2 9.5 < 9.5 Fix Pack 9 Multiple Vulnerabilities
Binary data 6347.prm...
DB2 9.5 < Fix Pack 9 Multiple Vulnerabilities
According to its version, the installation of IBM DB2 9.5 running on the remote host is prior to Fix Pack 9. It is, therefore, affected by the following vulnerabilities : - Incorrect, world-writable file permissions are in place for the file 'NODES.REG'. IC79518 - An unspecified error can allow...
Oracle Secure Backup Administration Server validate_login Command Injection (CVE-2011-2261)
A command injection vulnerability has been reported in Oracle secure backup administration server. The vulnerability is due to insufficient user data filtering. A remote attacker may exploit this vulnerability by sending a specially crafted HTTP request to a target user. Successful exploitation...
Oracle Secure Backup Administration Server login.php XSS
The version of Oracle Secure Backup Administration server running on the remote host has a cross-site scripting vulnerability. Input to the 'mode' parameter of login.php is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...
Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection
The version of Oracle Secure Backup Administration Server running on the remote host fails to adequately sanitize user-supplied input to the 'uname' parameter of 'login.php'. The system performs some sanitization which limits exploitation of this issue, but code execution is still possible. A...
Nmap NSE net: db2-das-info
Connects to the IBM DB2 Administration Server DAS on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. The script will also set the port product and version if a version scan is requested. OpenVAS Vulnerability Test $Id: gbnmapdb2dasinfonet.nasl...
IBM DB2 Universal Database receiveDASMessage Buffer Overflow (CVE-2011-0594)
IBM DB2 Database is a relational database management system that includes the DB2 Administration Server DAS service. The DB2 Administration Server DAS assists the Control Center and Configuration Assistant in enabling remote administration of DB2 database instances, providing the facility for job...
IBM Db2 Administration Server (DAS) Buffer Overflow Vulnerability
IBM Db2 is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2"; ifdescription...
CVE-2011-0731
Buffer overflow in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors...
Buffer overflow
Buffer overflow in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors...
Micro Focus Enterprise Administration Server Authentication Check
The administration interface for the remote Micro Focus Enterprise Server is accessible without authentication. A remote attacker is able to access potentially sensitive information and modify any settings available through this administration interface. %NASLMINLEVEL 70300 C Tenable Network...
Oracle Secure Backup Administration preauth variable command injection
Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...
Oracle Secure Backup Administration preauth variable command injection
Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...
Oracle Secure Backup Administration preauth variable command injection
Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...
IBM DB2 Multiple Vulnerabilities (Oct10)
The host is running IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmdb2multvulnoct10.nasl 7585 2017-10-26 15:03:01Z cfischer $ IBM DB2 Multiple Vulnerabilities Oct10 Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Stack overflow
Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP3 allows remote attackers to execute arbitrary code via a long...
CVE-2010-3731
Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP3 allows remote attackers to execute arbitrary code via a long...
Oracle Secure Backup Administration Server uname Var Authentication Bypass (CVE-2010-0904)
Oracle Secure Backup is a backup solution allowing for single point of management of data present on network attached storage NAS devices and distributed hosts. An authentication bypass vulnerability has been reported in Oracle Secure Backup server. The vulnerability is due to a flaw in the logic...
CVE-2010-2385
Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration Server...
Design/Logic Flaw
Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration Server...