
database software

CORE-2009-0707: Firebird SQL op_connect_request main listener shutdown vulnerability

CVE Name: CVE-2009-2620


3. *Vulnerability Description*

Firebird SQL [1] is an open source relational database management system
offering many ANSI SQL standard features that runs on Linux, Windows,
and a variety of Unix platforms.

A remote denial of service vulnerability has been found in Firebird SQL,
which can be exploited by a remote attacker to force the server to close

Cross Site Scripting (XSS) Vulnerability in flatpress 0.804, CVE-2008-4120

http://www.flatpress.org/

Description

FlatPress is an open-source standard-compliant multi-lingual extensible
blogging engine which does not require a DataBase Management System to
work. 

Example

Assuming flatpress is installed on http://localhost/flatpress/, anybody

CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability

Oracle is a widely-deployed Database Management System (DBMS) that supports a variety of applications. Many multi-tier applications are designed to use proxy authentication, restricting a middle tier to establish the database connection on behalf of the users. The standard authentication mechanism requires the client, the middle tier in this case, to provide valid credentials in order to authenticate and connect to the DBMS. User sessions are then created through the proxy connection. Oracle TNS protocol messages are used for session setup, authentication and data transfer. 


Scope

Imperva’s Application Defense Center (ADC) conducts extensive research on enterprise applications and databases. During its research, the team has identified a vulnerability in Oracle’s proxy authentication and access control mechanism. 


Findings


Secunia Research: Microsoft Office FlashPix Property Set Parsing Buffer Overflow

====================================================================== 
3) Vendor's Description of Software 

"Microsoft Office is a complete suite of productivity and database
software that will help you save time and stay organized".

Product Link:
http://office.microsoft.com/

====================================================================== 

iDefense Security Advisory 03.10.08: SAP MaxDB sdbstarter Privilege Escalation Vulnerability

http://labs.idefense.com/intelligence/vulnerabilities/
Mar 10, 2008

I. BACKGROUND

SAP's MaxDB is a database software product. MaxDB was released as open
source from version 7.5 up to version 7.6.00. Later versions are no
longer open source but are available for download from the SAP SDN
website (sdn.sap.com) as a community edition with free community
support for public use beyond the scope of SAP applications. The
"sdbstarter" program is set-uid root and installed by default. For more

iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability

http://labs.idefense.com/intelligence/vulnerabilities/
Jul 30, 2008

I. BACKGROUND

SAP's MaxDB is a database software product. MaxDB was released as open
source from version 7.5 up to version 7.6.00. Later versions are no
longer open source but are available for download from the SAP SDN
website (sdn.sap.com) as a community edition with free community
support for public use beyond the scope of SAP applications. The
"dbmsrv" program is set-uid "sdb", set-gid "sdba", and installed by

iDefense Security Advisory 03.10.08: SAP MaxDB Signedness Error Heap Corruption Vulnerability

http://labs.idefense.com/intelligence/vulnerabilities/
Mar 10, 2008

I. BACKGROUND

SAP's MaxDB is a database software product. MaxDB was released as open
source from version 7.5 up to version 7.6.00. Later versions are no
longer open source but are available for download from the SAP SDN
website (sdn.sap.com) as a community edition with free community
support for public use beyond the scope of SAP applications. The
"vserver" program is responsible for accepting and handling

Secunia Research: Microsoft Office TIFF Image Converter Endian Conversion Vulnerability

====================================================================== 
3) Vendor's Description of Software 

"Microsoft Office is a complete suite of productivity and database
software that will help you save time and stay organized".

Product Link:
http://office.microsoft.com/

====================================================================== 

Secunia Research: Microsoft Office Document Imaging Endian Conversion Vulnerability

====================================================================== 
3) Vendor's Description of Software 

"Microsoft Office is a complete suite of productivity and database
software that will help you save time and stay organized".

Product Link:
http://office.microsoft.com/

====================================================================== 

Secunia Research: Microsoft Office TIFF Image Converter Two Buffer Overflows

====================================================================== 
3) Vendor's Description of Software 

"Microsoft Office is a complete suite of productivity and database
software that will help you save time and stay organized".

Product Link:
http://office.microsoft.com/

====================================================================== 

[ GLSA 200801-15 ] PostgreSQL: Multiple vulnerabilities

Background
==========

PostgreSQL is an open source object-relational database management
system.

Affected packages
=================

    -------------------------------------------------------------------

Secunia Research: Microsoft Office PICT Filter Integer Truncation Vulnerability

====================================================================== 
3) Vendor's Description of Software 

"Microsoft Office is a complete suite of productivity and database
software that will help you save time and stay organized".

Product Link:
http://office.microsoft.com/

====================================================================== 

Secunia Research: Microsoft Office BMP Image Colour Handling Integer Overflow

====================================================================== 
3) Vendor's Description of Software 

"Microsoft Office is a complete suite of productivity and database
software that will help you save time and stay organized".

Product Link:
http://office.microsoft.com/

====================================================================== 

EnterpriseDB Advanced Server 8.2 Uninitialized Pointer

EnterpriseDB Advanced Server 8.2 Uninitialized Pointer
------------------------------------------------------

Product Description:

EnterpriseDB is a (commercial) relational database management system
based on PostgreSQL.

Vulnerable Versions:

EnterpriseDB Advanced Server 8.2 in all supported operating systems.

SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability

=====================================================================================

Product description:
--------------------

Microsoft SQL Server is a relational database management system (RDBMS)
produced by Microsoft. Its primary query language is Transact-SQL, an
implementation of the ANSI/ISO standard Structured Query Language (SQL)
used by both Microsoft and Sybase.





Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
