468 matches found
CVE-2011-5078
The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD 3 and 7.0 before ESD 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP...
CVE-2011-2474
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path...
CVE-2012-4340
Cross-site scripting XSS vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-6866
SAP Sybase Adaptive Server Enterprise ASE before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR736689...
CVE-2013-6861
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors...
CVE-2002-1861
Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...
CVE-2009-2899
The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...
CVE-1999-0695
The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. dot dot attack...
Sybase Easerver 6.3 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sybase Easerver 6.3 Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Sybase EAserver's...
Sybase DB Compliance Checks
Binary data sybasedbcompliancecheck.nbin...
VulnCheck KEV: CVE-2011-2474
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.../../\ sequence in a path...
Security Bulletin: IBM Data Replication Support Tool Information Collection on Sybase Platform
Summary This bulletin covers an incorrect behaviour of the Support Information tool running against Sybase databases where the tool may capture database credential information in support traces. Vulnerability Details Third Party Entry: PSIRT-ADV0024332 DESCRIPTION: Created from Advisory: ADV00243...
SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers
A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...
Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers
A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...
Fedora Update for freetds FEDORA-2019-b67929609d
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sybase ASE Login Possible
Binary data sybaselogin.nbin...
[SECURITY] Fedora 29 Update: freetds-1.1.20-1.fc29
FreeTDS is a project to document and implement the TDS Tabular DataStream protocol. TDS is used by SybaseTM and MicrosoftTM for client to database server communications. FreeTDS includes call level interfaces for DB-Lib, CT-Lib, and ODBC...
[SECURITY] Fedora 30 Update: freetds-1.1.20-1.fc30
FreeTDS is a project to document and implement the TDS Tabular DataStream protocol. TDS is used by SybaseTM and MicrosoftTM for client to database server communications. FreeTDS includes call level interfaces for DB-Lib, CT-Lib, and ODBC...
[SECURITY] Fedora 31 Update: freetds-1.1.20-1.fc31
FreeTDS is a project to document and implement the TDS Tabular DataStream protocol. TDS is used by SybaseTM and MicrosoftTM for client to database server communications. FreeTDS includes call level interfaces for DB-Lib, CT-Lib, and ODBC...