Lucene search
+L

184 matches found

Tenable Nessus
Tenable Nessus
added 2012/03/14 12:0 a.m.16 views

IBM DB2 9.5 < 9.5 Fix Pack 9 Multiple Vulnerabilities

Binary data 6347.prm...

10CVSS7.3AI score0.04627EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2012/03/08 12:0 a.m.49 views

DB2 9.5 < Fix Pack 9 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.5 running on the remote host is prior to Fix Pack 9. It is, therefore, affected by the following vulnerabilities : - Incorrect, world-writable file permissions are in place for the file 'NODES.REG'. IC79518 - An unspecified error can allow...

10CVSS5.5AI score0.04627EPSS
Exploits0References12
Check Point Advisories
Check Point Advisories
added 2011/09/27 12:0 a.m.23 views

Oracle Secure Backup Administration Server validate_login Command Injection (CVE-2011-2261)

A command injection vulnerability has been reported in Oracle secure backup administration server. The vulnerability is due to insufficient user data filtering. A remote attacker may exploit this vulnerability by sending a specially crafted HTTP request to a target user. Successful exploitation...

10CVSS7.2AI score0.03244EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/07/27 12:0 a.m.29 views

Oracle Secure Backup Administration Server login.php XSS

The version of Oracle Secure Backup Administration server running on the remote host has a cross-site scripting vulnerability. Input to the 'mode' parameter of login.php is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...

4.3CVSS5.3AI score0.01554EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/07/25 12:0 a.m.29 views

Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection

The version of Oracle Secure Backup Administration Server running on the remote host fails to adequately sanitize user-supplied input to the 'uname' parameter of 'login.php'. The system performs some sanitization which limits exploitation of this issue, but code execution is still possible. A...

10CVSS5.6AI score0.03244EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2011/06/01 12:0 a.m.111 views

Nmap NSE net: db2-das-info

Connects to the IBM DB2 Administration Server DAS on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. The script will also set the port product and version if a version scan is requested. OpenVAS Vulnerability Test $Id: gbnmapdb2dasinfonet.nasl...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2011/03/09 12:0 a.m.5 views

IBM DB2 Universal Database receiveDASMessage Buffer Overflow (CVE-2011-0594)

IBM DB2 Database is a relational database management system that includes the DB2 Administration Server DAS service. The DB2 Administration Server DAS assists the Control Center and Configuration Assistant in enabling remote administration of DB2 database instances, providing the facility for job...

9.3CVSS7.3AI score0.07221EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/02/07 12:0 a.m.37 views

IBM Db2 Administration Server (DAS) Buffer Overflow Vulnerability

IBM Db2 is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2"; ifdescription...

7.5CVSS9.6AI score0.0446EPSS
Exploits0References5
NVD
NVD
added 2011/02/01 6:0 p.m.22 views

CVE-2011-0731

Buffer overflow in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors...

7.5CVSS7.7AI score0.0446EPSS
Exploits0References7
Prion
Prion
added 2011/02/01 6:0 p.m.19 views

Buffer overflow

Buffer overflow in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors...

7.5CVSS8.3AI score0.0446EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/02/01 12:0 a.m.17 views

Micro Focus Enterprise Administration Server Authentication Check

The administration interface for the remote Micro Focus Enterprise Server is accessible without authentication. A remote attacker is able to access potentially sensitive information and modify any settings available through this administration interface. %NASLMINLEVEL 70300 C Tenable Network...

5.6AI score
Exploits0
Saint
Saint
added 2010/12/06 12:0 a.m.107 views

Oracle Secure Backup Administration preauth variable command injection

Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...

9CVSS6.9AI score0.02243EPSS
Exploits12
Saint
Saint
added 2010/12/06 12:0 a.m.53 views

Oracle Secure Backup Administration preauth variable command injection

Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...

9CVSS6.9AI score0.02243EPSS
Exploits12
Saint
Saint
added 2010/12/06 12:0 a.m.28 views

Oracle Secure Backup Administration preauth variable command injection

Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...

9CVSS6.9AI score0.02243EPSS
Exploits12
OpenVAS
OpenVAS
added 2010/10/08 12:0 a.m.36 views

IBM DB2 Multiple Vulnerabilities (Oct10)

The host is running IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmdb2multvulnoct10.nasl 7585 2017-10-26 15:03:01Z cfischer $ IBM DB2 Multiple Vulnerabilities Oct10 Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks GmbH,...

10CVSS0.8AI score0.09582EPSS
Exploits0References5
Prion
Prion
added 2010/10/05 6:0 p.m.28 views

Stack overflow

Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP3 allows remote attackers to execute arbitrary code via a long...

10CVSS8.5AI score0.09582EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2010/10/05 5:0 p.m.36 views

CVE-2010-3731

Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server DAS component in IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP3 allows remote attackers to execute arbitrary code via a long...

7.8AI score0.09582EPSS
Exploits0References10
Check Point Advisories
Check Point Advisories
added 2010/08/16 12:0 a.m.53 views

Oracle Secure Backup Administration Server uname Var Authentication Bypass (CVE-2010-0904)

Oracle Secure Backup is a backup solution allowing for single point of management of data present on network attached storage NAS devices and distributed hosts. An authentication bypass vulnerability has been reported in Oracle Secure Backup server. The vulnerability is due to a flaw in the logic...

5CVSS6.4AI score0.50625EPSS
Exploits6
NVD
NVD
added 2010/07/13 10:30 p.m.18 views

CVE-2010-2385

Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration Server...

5.8CVSS5.7AI score0.01502EPSS
Exploits0References1
Prion
Prion
added 2010/07/13 10:30 p.m.18 views

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration Server...

5.8CVSS6.2AI score0.01502EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder