CVE-2002-1484

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems port scan via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error...

CVE-2002-1484

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems port scan via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error...

CVE-2002-1484

DB4Web server vulnerability CVE-2002-1484: when configured to show verbose debug messages, the server can be abused as a proxy to initiate TCP connections to arbitrary hosts/ports, effectively enabling port-scanning-like behavior. The attack is triggered by requesting a URL that encodes the targe...

DB4Web Server Debug Mode TCP Port Scanning Proxy

The DB4Web debug page allows anybody to scan other machines. This could allow a remote attacker to learn more about the internal network layout, which could be used to mount further attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: From:[email protected] To:...

DB4Web Server db4web_c Filename Request Traversal Arbitrary File Access

The version of DB4Web running on the remote web server has an directory traversal vulnerability. A remote attacker could use this to read arbitrary files on the server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: From:[email protected] To:[email protected]...