lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20041207181838.3B0D823EBDB@dzeta.agava.net>
Date: Tue,  7 Dec 2004 21:18:38 +0300 (MSK)
From: Evgeny Demidov <demidov@...g.net>
To: full-disclosure@...ts.netsys.com
Cc: bugtraq@...urityfocus.com
Subject: MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service


Name:          MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service 
Date:          7 Dec 2004
Platforms:     Any
Author:        Evgeny Demidov

Description:

"MaxDB is a heavy-duty, SAP-certified open source database for OLTP and OLAP usage which offers high reliability, availability,
scalability and a very comprehensive feature set." (quote from http://www.mysql.com/products/maxdb/) 

Two vulnerabilities in MaxDB WebTools have been found and reported to MySQL team.

1 - WebDav handler long 'Overwrite' header stack overflow
Remote root/SYSTEM. Easy to exploit.

2 - Funny 'wahttp' NULL pointer dereference 
To reproduce it, execute the following command:
$ telnet localhost 9999
GET /file/not/found HTTP/1.0
[ENTER] 
[ENTER]

Fix:

MaxDB 7.0.19 supposedly should fix these problems - http://dev.mysql.com/downloads/maxdb/7.5.00.html

History:

25 May 2004 - vulnerability has been discovered by Evgeny Demidov
26 May 2004 - vulnerability details has been made available to VulnDisco clients
15 Oct 2004 - vulnerability has been reported to security@...ql.com 
7  Dec 2004 - public release of the advisory



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ