10 matches found
CVE-2005-0684
CVE-2005-0684 affects the MySQL MaxDB Webtool/WebTools in MaxDB before version 7.5.00.26. The vulnerability is a stack buffer overflow caused by improper handling of long HTTP GET requests containing a percent sign or long Lock-Token strings in WebDAV handling (WDVHandler_CommonUtils.c), allowing...
CVE-2006-4305
CVE-2006-4305 describes a buffer overflow in SAP DB / MaxDB WebDBM when processing an overly long database name via WebDBM client connections. The initial entry states a remote code execution risk with MaxDB/WebDBM before 7.6.00.30. Connected sources corroborate details and show practical context...
CVE-2004-0931
CVE-2004-0931 affects MySQL MaxDB prior to 7.5.00.18. The vulnerability lies in the WebDBM server component where a remote attacker can send an HTTP request to the webdbm with high-ASCII values in the Server field, triggering an assert in IsAscii7 and causing a denial-of-service crash. Public ref...
CVE-2005-0082
The CVE-2005-0082 issue affects MySQL MaxDB 7.5.0.0 and earlier releases up to 7.5.0.20/21, where the sapdbwa_GetUserData function can be abused by remote attackers to crash the SAP DB Web Agent via a null dereference in the WebDAV handler. Red Hat confirms the fixed version is 7.5.0.21, with upd...
CVE-2005-0083
MySQL MaxDB/Web Agent vulnerability CVE-2005-0083 affects MaxDB 7.5.00 for Windows (and possibly earlier/other platforms). Remote input validation errors in DBMCli_String::ReallocString, DBMCli_String::operator, DBMCli_Buffer::ForceResize, DBMCli_Wizard::InstallDatabase, DBMCli_Devspaces::Complet...
CVE-2005-0081
MaxDB Web Agent in MySQL MaxDB (version 7.5.0.0 and older builds prior to 7.5.0.21) is affected by two remote denial-of-service vulnerabilities. One is a null pointer dereference in sapdbwa_GetUserData(), the other is improper handling of malformed HTTP headers, both leading to crashes. The issue...
CVE-2005-0111
Affected: MaxDB WebSQL CGI in MySQL MaxDB 7.5.00. The vulnerability is a stack-based buffer overflow triggered by a long password parameter, allowing remote code execution over the network. Remediation/mitigation: upgrade to MaxDB WebSQL 7.5.00.18 or later (as indicated by related Nessus entry fo...
CVE-2004-1168
CVE-2004-1168 affects MaxDB WebTools before/including 7.5.00.18. The WebDav handler is vulnerable to a stack-based buffer overflow, enabling remote code execution when a long Overwrite header is processed. No exploit specifics or mitigation details are provided in the supplied documents. This ent...
CVE-2004-1169
MaxDB WebTools 7.5.00.18 and earlier are affected. A remote attacker can trigger a denial of service (application crash) by issuing an HTTP GET for a non-existent file followed by two carriage returns, causing a NULL dereference. No remediation details are provided in the connected documents. If ...
CVE-2005-1274
CVE-2005-1274 affects MySQL MaxDB prior to 7.5.00.26. A stack-based buffer overflow occurs in the WebDAV getIfHeader function, exploitable through an HTTP unlock request with a long If parameter. This can allow remote attackers to execute arbitrary code. The vulnerability is documented across mul...