EUVD-2000-0673

Malware in sbrugna...

IBM Net.Data 7.0/7.2 db2www Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9488/info IBM Net.Data is prone to cross-site scripting attacks via error message output. This may permit a remote attack to create a link to a system hosting the software that includes embedded HTML and script code. This...

IBM Net.Data db2www CGI interpreter fails to properly validate requested macro filenames

Overview IBM Net.Data fails to properly validate user input passed to the db2www CGI interpreter, which could allow an attacker to mount a cross-site scripting attack against a vulnerable system. Description IBM Net.Data is a scripting language used to create web applications. Net.Data macros are...

CVE-2000-1110

CVE-2000-1110 affects the IBM Net.Data db2www package: the document.d2w CGI program can be probed to reveal the web server’s physical path when a nonexistent command is sent. This is a path disclosure weakness, with partial impact on confidentiality reported (base score 5.0, MITRE ATT&CK not spec...

CVE-2000-0677

Buffer overflow in IBM Net.Data db2www CGI (PATH_INFO) allows remote code execution. Affected: IBM Net.Data db2www CGI; Root cause: stack overflow triggered by a long PATH_INFO environmental variable. Impact: remote attacker could execute arbitrary code with web server privileges (high risk; CVSS...

CVE-2000-0677

Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATHINFO environmental variable...

ISSalert: Internet Security Systems Security Advisory: Buffer Overflow in IBM Net.Data db2www CGI program

TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...