EUVD-2002-1466

Malware in sbrugna...

DB4Web 3.4/3.6 Connection Proxy Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5725/info DB4Web is an application server that allows read and write access to relational databases and other information sources, via the web. The application is available for Windows, Linux, and various Unix platforms. ...

DB4Web 3.4/3.6 File Disclosure Vulnerability

No description provided by source...

DB4Web directory traversal

It is possible to read any file on your system through the DB4Web software. OpenVAS Vulnerability Test $Id: db4webdirtrav.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: DB4Web directory traversal Authors: Michel Arboi Copyright: Copyright C 2002 Michel Arboi This program is free software; y...

DB4Web TCP relay

DB4Web debug page allows anybody to scan other machines. You may be held for responsible. OpenVAS Vulnerability Test $Id: db4webtcprelay.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: DB4Web TCP relay Authors: Michel Arboi Copyright: Copyright C 2002 Michel Arboi This program is free...

DB4Web directory traversal

It is possible to read any file on your system through the DB4Web software. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DB4Web TCP relay

DB4Web debug page allows anybody to scan other machines. You may be held for responsible. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2002-1483

db4webc and db4webc.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form 1 C: drive letter, 2 //absolute/path double-slash, or 3 .. dot-dot...

CVE-2002-1484

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems port scan via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error...

CVE-2002-1483

db4webc and db4webc.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form 1 C: drive letter, 2 //absolute/path double-slash, or 3 .. dot-dot...

CVE-2002-1483

CVE-2002-1483 affects DB4Web 3.4 and 3.6, specifically the db4web_c and db4web_c.exe components. A directory-traversal flaw allows remote attackers to read arbitrary files via an HTTP request where the filename argument is of form C: (drive letter), //absolute/path, or .., exposing data from the ...

CVE-2002-1484

DB4Web server vulnerability CVE-2002-1484: when configured to show verbose debug messages, the server can be abused as a proxy to initiate TCP connections to arbitrary hosts/ports, effectively enabling port-scanning-like behavior. The attack is triggered by requesting a URL that encodes the targe...

CVE-2002-1484

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems port scan via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error...

DB4Web Server Debug Mode TCP Port Scanning Proxy

The DB4Web debug page allows anybody to scan other machines. This could allow a remote attacker to learn more about the internal network layout, which could be used to mount further attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: From:[email protected] To:...

DB4Web Server db4web_c Filename Request Traversal Arbitrary File Access

The version of DB4Web running on the remote web server has an directory traversal vulnerability. A remote attacker could use this to read arbitrary files on the server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: From:[email protected] To:[email protected]...

guardadv.db4web.txt

Guardeonic Solutions AG www.guardeonic.com Security Advisory 01-2002 Advisory Name: DB4Web R File Disclosure Release Date: 09/17/02 Affected Product: DB4Web R Application Server Platform: Linux, nix, MS Windows Version: Unknown Severity: A DB4Web component allows files on the server to be...

Advisory: File disclosure in DB4Web

Guardeonic Solutions AG www.guardeonic.com Security Advisory 01-2002 Advisory Name: DB4Web R File Disclosure Release Date: 09/17/02 Affected Product: DB4Web R Application Server Platform: Linux, nix, MS Windows Version: Unknown Severity: A DB4Web component allows files on the server to be...

DB4Web 3.43.6 - File Disclosure

DB4Web 3.43.6 - File Disclosure source: https://www.securityfocus.com/bid/5723/info DB4Web is an application server that allows read and write access to relational databases and other information sources, via the web. The application is available for Windows, Linux, and various Unix platforms. A...

DB4Web 3.43.6 - Connection Proxy

DB4Web 3.43.6 - Connection Proxy source: https://www.securityfocus.com/bid/5725/info DB4Web is an application server that allows read and write access to relational databases and other information sources, via the web. The application is available for Windows, Linux, and various Unix platforms. B...

DB4Web 3.4/3.6 - Connection Proxy

source: https://www.securityfocus.com/bid/5725/info DB4Web is an application server that allows read and write access to relational databases and other information sources, via the web. The application is available for Windows, Linux, and various Unix platforms. By requesting a specially crafted...