Lucene search
+L

81 matches found

seebug.org
seebug.org
added 2011/05/26 12:0 a.m.38 views

Sybase EAServer未明目录遍历漏洞

Bugtraq ID: 47987 Sybase EAServer是一款基于开放标准的企业应用服务器,能够驱动业务关键型应用。 Sybase EAServer不正确过滤部分输入,远程攻击者可以利用目录遍历攻击读取任意文件内容,造成敏感信息泄露。 Sybase WorkSpace 2.5 Sybase WorkSpace 2.1.2 Sybase WorkSpace 2.1 Sybase WorkSpace 2.0 Sybase Replication Server Messaging Edition 15.2 Sybase EAServer 6.3.1 Sybase EAServer 6...

6.9AI score
Exploits0
NVD
NVD
added 2011/01/20 7:0 p.m.16 views

CVE-2011-0496

Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."...

10CVSS7.2AI score0.04549EPSS
Exploits0References6
NVD
NVD
added 2011/01/20 7:0 p.m.27 views

CVE-2011-0497

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to read arbitrary files via "../" dot dot forward-slash backslash sequences in a crafted request...

7.8CVSS6.7AI score0.02218EPSS
Exploits0References7
Prion
Prion
added 2011/01/20 7:0 p.m.14 views

Design/Logic Flaw

Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."...

10CVSS7.7AI score0.04549EPSS
Exploits0References6Affected Software4
Prion
Prion
added 2011/01/20 7:0 p.m.14 views

Directory traversal

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to read arbitrary files via "../" dot dot forward-slash backslash sequences in a crafted request...

7.8CVSS7.2AI score0.02218EPSS
Exploits0References7Affected Software4
EUVD
EUVD
added 2011/01/20 6:0 p.m.6 views

EUVD-2011-0516

Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."...

10CVSS7.2AI score0.04549EPSS
Exploits0References6
CVE
CVE
added 2011/01/20 6:0 p.m.56 views

CVE-2011-0497

CVE-2011-0497 —Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace. A crafted request can trigger directory traversal via the sequence "../\" to read arbitrary files. The issue is remote and network-...

7.8CVSS6.9AI score0.02218EPSS
Exploits0References7Affected Software4
Cvelist
Cvelist
added 2011/01/20 6:0 p.m.22 views

CVE-2011-0496

Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."...

7.2AI score0.04549EPSS
Exploits0References6
CVE
CVE
added 2011/01/20 6:0 p.m.68 views

CVE-2011-0496

CVE-2011-0496 affects Sybase EAServer 5.x and 6.x up to 6.3 ESD#2 (as used in Appeon, Replication Server Messaging Edition, and WorkSpace). It allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability." The NVD lists a CVSSv2 base sco...

10CVSS7.4AI score0.04549EPSS
Exploits0References6Affected Software4
Cvelist
Cvelist
added 2011/01/20 6:0 p.m.21 views

CVE-2011-0497

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to read arbitrary files via "../" dot dot forward-slash backslash sequences in a crafted request...

6.7AI score0.02218EPSS
Exploits0References7
Exploit DB
Exploit DB
added 2010/06/22 12:0 a.m.48 views

Sybase EAServer 5.2 - Remote Stack Buffer Overflow (Metasploit)

$Id: sybaseeaserver.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

4.6CVSS7AI score0.74202EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2009/11/29 12:0 a.m.24 views

Sybase EAServer WebConsole Buffer Overflow (CVE-2005-2297)

Sybase EAServer is a web service application server suite. The software provides a web-based management console to allow a remote user using a web browser to perform database administration tasks. The communication between the client and the web-based management console is encapsulated in the HTT...

4.6CVSS8AI score0.74202EPSS
Exploits6
Packet Storm
Packet Storm
added 2009/11/26 12:0 a.m.31 views

Sybase EAServer 5.2 Remote Stack Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Sybase...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/02/02 12:0 a.m.8 views

Sybase EAServer Default Password (deprecated)

Binary data 4904.prm...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2008/09/09 12:0 a.m.21 views

Sybase Enterprise Application Server Management Console detection

The remote host is running the Sybase Enterprise Application Server JSP Administration Console. Sybase EAServer is the open application server from Sybase Inc an enterprise software and services company, exclusively focused on managing and mobilizing information. This VT was deprecated and the...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2007/02/18 12:10 a.m.23 views

Sybase EAServer 5.2 Remote Stack Buffer Overflow

This module exploits a stack buffer overflow in the Sybase EAServer Web Console. The offset to the SEH frame appears to change depending on what version of Java is in use by the remote server, making this exploit somewhat unreliable. This module requires Metasploit: https://metasploit.com/downloa...

4.6CVSS0.6AI score0.74202EPSS
Exploits6
Prion
Prion
added 2006/05/22 11:10 p.m.18 views

Design/Logic Flaw

Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText...

3.5CVSS6.5AI score0.00302EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2006/05/22 11:10 p.m.17 views

CVE-2006-2539

Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText...

3.5CVSS6.1AI score0.00302EPSS
Exploits0References5
CVE
CVE
added 2006/05/22 11:0 p.m.54 views

CVE-2006-2539

CVE-2006-2539 : Sybase EAServer exposes cleartext passwords entered in GUI. Local users can recover passwords via javax.swing.JPasswordField.getSelectedText. Affected products/versions: EAServer 5.0 on HP-UX Itanium; 5.2 on IBM AIX, HP-UX PA-RISC, Linux x86, Sun Solaris SPARC; 5.3 on Sun Solaris ...

3.5CVSS6.1AI score0.00302EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/05/22 11:0 p.m.17 views

CVE-2006-2539

Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText...

6.1AI score0.00302EPSS
Exploits0References5
Rows per page
Query Builder