Lucene search
K

4977 matches found

NVD
NVD
added 2003/12/15 5:0 a.m.17 views

CVE-2003-0943

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via 1 waecho, 2 Web SQL Interface websql, or 3 Web Database Manager webdbm...

7.5CVSS6.7AI score0.01465EPSS
Exploits1References1
NVD
NVD
added 2003/12/15 5:0 a.m.21 views

CVE-2003-0945

The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities...

7.5CVSS6.7AI score0.01457EPSS
Exploits1References2
NVD
NVD
added 2003/12/15 5:0 a.m.19 views

CVE-2003-0941

web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa...

7.5CVSS6.6AI score0.01465EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2003/11/22 12:0 a.m.47 views

SAP DB / MaxDB Detection

SAP DB or MaxDB, an ERP software, is running on the remote port. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11929; scriptversion"1.26"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01"; scriptnameenglish:"SAP DB / MaxDB Detection";...

5.5AI score
Exploits0References2
CVE
CVE
added 2003/11/21 5:0 a.m.60 views

CVE-2003-0938

CVE-2003-0938 affects SAP DB (SAP database server) version 7.4.03.27 and earlier. The vulnerability arises when a local attacker places a malicious NETAPI32.DLL in the SAP DB working directory, which is loaded by SAP DB before the legitimate DLL, enabling privilege escalation to SYSTEM. The issue...

7.2CVSS6.3AI score0.00433EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2003/11/21 5:0 a.m.20 views

CVE-2003-0944

Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI...

7.9AI score0.0266EPSS
Exploits1References1
Cvelist
Cvelist
added 2003/11/21 5:0 a.m.29 views

CVE-2003-0942

Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa...

7.9AI score0.0266EPSS
Exploits1References1
CVE
CVE
added 2003/11/21 5:0 a.m.52 views

CVE-2003-0944

SAP DB web-tools : The vulnerability set includes a buffer overflow in the default waecho service of SAP DB’s web-tools, and related issues in Web Agent Administration, Web SQL, and Web DBM. The root cause is improper handling of long requestURIs and related inputs, enabling remote code execution...

7.5CVSS7.9AI score0.0266EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2003/11/21 5:0 a.m.52 views

CVE-2003-0941

The CVE-2003-0941 issue affects SAP DB’s web-tools/Web Agent component prior to version 7.4.03.30. The vulnerability allows remote attackers to access the Web Agent Administration pages (waadmin.wa) without authentication and modify configuration via a direct request, enabling potential remote ad...

7.5CVSS6.6AI score0.01465EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2003/11/21 5:0 a.m.49 views

CVE-2003-0940

SAP DB web-tools (web server component sqlfopenc) contains a directory traversal vulnerability that allows remote reading of arbitrary files via dot-dot sequences in URLs. Affected: SAP DB web-tools prior to 7.4.03.30; attack surface includes the web-server administration pages and default servic...

5CVSS6.8AI score0.01558EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2003/11/21 5:0 a.m.51 views

CVE-2003-0943

CVE-2003-0943 affects SAP DB web-tools prior to 7.4.03.30. The default-enabled services (waecho, Web SQL Interface websql, Web Database Manager webdbm) can enable remote attackers to view potentially sensitive information or redirect attacks against internal databases. Connected sources also desc...

7.5CVSS6.8AI score0.01465EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2003/11/21 5:0 a.m.46 views

CVE-2003-0945

CVE-2003-0945 affects SAP DB Web-tools Web Database Manager prior to 7.4.03.30. The vulnerability stems from generating predictable session IDs in the Web Database Manager, with IDs placed in the URL, enabling remote attackers to perform unauthorized activities. The issue is addressed by SAP with...

7.5CVSS6.7AI score0.01457EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2003/11/21 5:0 a.m.47 views

CVE-2003-0939

SAP DB (SAP database server) 7.4.03.27 and earlier is affected by a remote buffer overflow in the niserver/serv.exe interface. The flaw lies in eo420_GetStringFromVarPart (veo420.c): a 256-byte variable-sized segment is copied without bounds checking, potentially allowing remote code execution vi...

7.5CVSS7.9AI score0.03093EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2003/11/21 5:0 a.m.22 views

CVE-2003-0945

The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities...

6.7AI score0.01457EPSS
Exploits1References2
Cvelist
Cvelist
added 2003/11/21 5:0 a.m.20 views

CVE-2003-0940

Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. dot dot sequences in a URL...

6.7AI score0.01558EPSS
Exploits1References1
Cvelist
Cvelist
added 2003/11/21 5:0 a.m.26 views

CVE-2003-0941

web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa...

6.6AI score0.01465EPSS
Exploits1References1
Cvelist
Cvelist
added 2003/11/21 5:0 a.m.23 views

CVE-2003-0943

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via 1 waecho, 2 Web SQL Interface websql, or 3 Web Database Manager webdbm...

6.7AI score0.01465EPSS
Exploits1References1
CVE
CVE
added 2003/11/21 5:0 a.m.50 views

CVE-2003-0942

CVE-2003-0942 describes a buffer overflow in the Web Agent Administration component of SAP DB web-tools prior to 7.4.03.30. The vulnerability is triggered by a long Name parameter to waadmin.wa, allowing remote attackers to execute arbitrary code. Multiple sources (NVD, Red Hat, CVE listings, and...

7.5CVSS8AI score0.0266EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2003/11/17 12:0 a.m.54 views

SAP DB web-tools multiple issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: SAP DB web-tools multiple issues Release Date: 11/17/2003 Application: SAP DB 7.4.03.30 Platform: Linux IA32 Microsoft Windows NT4/2000/XP SUN Solaris HPUX Compaq True64 Severity: Remote fi...

7.5CVSS0.1AI score0.0266EPSS
Exploits6
securityvulns
securityvulns
added 2003/11/17 12:0 a.m.49 views

SAP DB priv. escalation/remote code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: SAP DB priv. escalation/remote code execution Release Date: 11/17/2003 Application: SAP DB 7.4.03.27 23-June-2003 and before Platform: Microsoft Windows NT4/2000/XP 1 and 2 Linux IA32 2 SUN...

7.5CVSS0.03093EPSS
Exploits2
Rows per page
Query Builder