Lucene search
K

7 matches found

Circl
Circl
added 2018/05/29 3:50 p.m.19 views

CVE-2008-0244

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/maxdb/maxdbconsexec.rb 2025-02-06 03:13:38+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:08:27+00:00| seen|...

10CVSS5.5AI score0.80311EPSS
Exploits8References1
Tenable Nessus
Tenable Nessus
added 2008/05/09 12:0 a.m.39 views

SAP MaxDB Multiple Vulnerabilities

The remote host is running MaxDB, a database server from SAP. According to its version, the remote server is affected by a multiple flaws : - A vulnerability in 'vserver' process could allow an unauthenticated attacker to execute arbitrary code, subject to the privileges of the user under which t...

10CVSS6.3AI score0.80311EPSS
Exploits9References6
Saint
Saint
added 2008/01/16 12:0 a.m.33 views

MySQL MaxDB cons.exe command injection

Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...

10CVSS6.8AI score0.80311EPSS
Exploits8
Saint
Saint
added 2008/01/16 12:0 a.m.21 views

MySQL MaxDB cons.exe command injection

Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...

10CVSS6.8AI score0.80311EPSS
Exploits8
Saint
Saint
added 2008/01/16 12:0 a.m.34 views

MySQL MaxDB cons.exe command injection

Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...

10CVSS6.8AI score0.80311EPSS
Exploits8
CVE
CVE
added 2008/01/12 2:0 a.m.67 views

CVE-2008-0244

SAP MaxDB is affected by a remote command-injection in the exec_sdbinfo handling that invokes cons.exe via system() without proper input validation. This allows unauthenticated remote attackers to execute arbitrary commands on MaxDB servers (MaxDB 7.6.x and earlier; vulnerability noted for 7.6.0....

10CVSS7.4AI score0.80311EPSS
Exploits8References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/01/11 12:0 a.m.73 views

SAP DB / MaxDB Cons Program Arbitrary Command Execution

The version of SAP DB / MaxDB installed on the remote host fails to sanitize user-supplied input to the 'show' and 'execsdbinfo' commands before passing it to a 'system' call. An unauthenticated, remote attacker can leverage this issue to execute arbitrary commands on the affected host subject to...

10CVSS6AI score0.80311EPSS
Exploits8References4
Rows per page
Query Builder