75 matches found
EUVD-2003-1023
Malware in sbrugna...
EUVD-2003-1024
Malware in sbrugna...
EUVD-2003-0930
Malware in sbrugna...
EUVD-2003-0934
Malware in sbrugna...
EUVD-2003-0932
Malware in sbrugna...
EUVD-2003-0935
Malware in sbrugna...
CVE-2003-0941
web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa...
CVE-2003-0944
Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI...
CVE-2003-0942
Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa...
CVE-2003-0940
Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. dot dot sequences in a URL...
SAP DB 7.4 WebTools Buffer Overflow
No description provided by source. $Id: sapdbwebtools.rb 9842 2010-07-16 02:33:25Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...
SAP DB 7.x Web Server WAHTTP.EXE Multiple Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24773/info SAP DB Web Server is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer. Successfully exploitin...
SAP DB 7.3 .00 Symbolic Link Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6316/info A vulnerability has been discovered in SAP DB that may allow an unprivileged to execute commands with root privileges. The vulnerability is due to insufficient sanity checks by lserver, when attempting to execut...
SAP DB 7.4 - WebTools Buffer Overflow (Metasploit)
$Id: sapdbwebtools.rb 9842 2010-07-16 02:33:25Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
SAP DB 7.4 WebTools Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SAP DB 7.4...
SAP DB / MaxDB WebDBM Multiple Parameter XSS
The remote web server contains the WebDBM script, a component of SAP DB / MaxDB. The version of this script found on the remote host fails to sanitize user-supplied input to its 'Database', 'User', and 'Password' parameters before using it to generate dynamic content. An unauthenticated, remote...
SAP DB / MaxDB Cons Program Arbitrary Command Execution
The version of SAP DB / MaxDB installed on the remote host fails to sanitize user-supplied input to the 'show' and 'execsdbinfo' commands before passing it to a 'system' call. An unauthenticated, remote attacker can leverage this issue to execute arbitrary commands on the affected host subject to...
SAP DB / MaxDB Cons Program Arbitrary Command Execution
Binary data 4337.prm...
SAP DB 7.4 WebTools Buffer Overflow
This module exploits a stack buffer overflow in SAP DB 7.4 WebTools. By sending an overly long GET request, it may be possible for an attacker to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
sapdb-seh.txt
/ Dreatica-FXP crew ---------------------------------------- Target : SAP DB 7.4 WebTools Site : http://www.sapdb.org Found by : NGSSoftware Insight Security Research ---------------------------------------- Exploit : SAP DB 7.4 WebTools Remote SEH overwrite exploit Exploit date : 07.07.2007...