Progress Database 9.1 - sqlcpp Local Buffer Overflow

// source: https://www.securityfocus.com/bid/4402/info Progress is a commercial database for Microsoft Windows and Unix systems. A buffer overflow has been reported in the sqlcpp program included with Progress, used as a SQL preprocessor. Execution of arbitrary code is possible. This issue has be...

Progress Database 9.1 - sqlcpp Local Buffer Overflow

Progress Database 9.1 - sqlcpp Local Buffer Overflow // source: https://www.securityfocus.com/bid/4402/info Progress is a commercial database for Microsoft Windows and Unix systems. A buffer overflow has been reported in the sqlcpp program included with Progress, used as a SQL preprocessor...

CVE-2001-1129

Format string vulnerabilities in 1 probuild, 2 dbutil, 3 mprosrv, 4 mprshut, 5 proapsv, 6 progres, 7 proutil, 8 rfutil and 9 prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable...

CVE-2001-1127

Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via 1 proapsv, 2 mprosrv, 3 mprshut, 4 orarx, 5 sqlcpp, 6 probrkr, 7 sqlschema and 8 sqldump...

CVE-2001-1127

CVE-2001-1127 describes a buffer overflow in Progress Database 8.3D and 9.1C that could let a local user execute arbitrary code via the eight entry points: _proapsv, _mprosrv, _mprshut, orarx, sqlcpp, _probrkr, _sqlschema, and _sqldump. The NVD entry assigns a base score 7.2 (HIGH) with LOCAL att...

CVE-2001-1128

The CVE-2001-1128 vulnerability affects Progress database versions 8.3D and 9.1C. A buffer overflow is triggered by long entries in files specified via the PROMSGS or PROTERMCAP environment variables, allowing local code execution. The available documents confirm the vulnerable component and the ...

CVE-2001-1128

Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the 1 PROMSGS or 2 PROTERMCAP environment variables...

CVE-2001-1129

The CVE-2001-1129 entry covers multiple components of Progress database 9.1C (probuild, dbutil, mprosrv, mprshut, proapsv, progres, proutil, rfutil, and prolib). The vulnerability is a local format-string flaw in the PROMSGS environment file that allows a local user to execute arbitrary code. The...

Progres Databse PROMSGS Format strings issue.

Well once again I have found yet another Progress database issue. The PROMSGS has been looked at one time already for buffer overflows. It was supposed to be fixed. I was poking around at it today and noticed these format strings issues... PROGRESS Version 9.1C as of Thu Jun 7 10:03:59 EDT 2001...

CVE-2001-1129

Format string vulnerabilities in 1 probuild, 2 dbutil, 3 mprosrv, 4 mprshut, 5 proapsv, 6 progres, 7 proutil, 8 rfutil and 9 prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable...

CVE-2001-1128

Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the 1 PROMSGS or 2 PROTERMCAP environment variables...

Progress Database vulnerabilities

strcpy and pstcopy dbutpstcopy are BAD!@@!$! you need to make use of strncpy or invent pstncopy This is straight from the unix man pages for strcpy NAME strcpy, strncpy - copy a string SYNOPSIS include string.h char strcpychar dest, const char src; BUGS If the destination string of a strcpy is no...

CVE-2001-1127

Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via 1 proapsv, 2 mprosrv, 3 mprshut, 4 orarx, 5 sqlcpp, 6 probrkr, 7 sqlschema and 8 sqldump...

Progress Database 8.3/9.1 - Multiple Buffer Overflows

source: https://www.securityfocus.com/bid/3404/info Progress is a commercial database for Microsoft Windows and Unix systems. Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to insufficient bounds checking of data which is...

Progress Database 8.39.1 - Multiple Buffer Overflows

Progress Database 8.39.1 - Multiple Buffer Overflows source: https://www.securityfocus.com/bid/3404/info Progress is a commercial database for Microsoft Windows and Unix systems. Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to...

Progress Database Server 8.3b - 'prodb' Local Privilege Escalation

/ progress database server v8.3b local root compromise. for sco-unix and linux on linux redhat 6.2 and SCOSV scosysv 3.2 5.05 this is just one of it, advisory about the bug discovery grabbed from packetstorm, which was originally found by: [email protected] exploit usage: ./prodbx offset...

Progress Database Server 8.3b - prodb Local Privilege Escalation

Progress Database Server 8.3b - prodb Local Privilege Escalation / progress database server v8.3b local root compromise. for sco-unix and linux on linux redhat 6.2 and SCOSV scosysv 3.2 5.05 this is just one of it, advisory about the bug discovery grabbed from packetstorm, which was originally...

Progress Database Server 8.3b (prodb) Local Root Exploit

Exploit for multiple platform in category local exploits ======================================================== Progress Database Server 8.3b prodb Local Root Exploit ======================================================== / progress database server v8.3b local root compromise. for sco-unix an...

progress-db.txt

Vendor: www.progress.com Issue: Local overflows Progress Database server 8.x and 9.x Unix Linux and SCO and others? Nt versions MAY not be affected tested versions 7, 8 and 9 Several overflows are present in your software ... if I can overwrite the eip on the stack I can run arbitrary code as roo...