MaxDB WebTools versions 7.5.00.18 and below suffer from a denial of service flaw and a WebDav stack overflow.
c20f2fce6b880245de398b94db42eb5c621021013f6b5edf715a90dea9a81f62Name: MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service
Date: 7 Dec 2004
Platforms: Any
Author: Evgeny Demidov
Description:
"MaxDB is a heavy-duty, SAP-certified open source database for OLTP and OLAP usage which offers high reliability, availability,
scalability and a very comprehensive feature set." (quote from http://www.mysql.com/products/maxdb/)
Two vulnerabilities in MaxDB WebTools have been found and reported to MySQL team.
1 - WebDav handler long 'Overwrite' header stack overflow
Remote root/SYSTEM. Easy to exploit.
2 - Funny 'wahttp' NULL pointer dereference
To reproduce it, execute the following command:
$ telnet localhost 9999
GET /file/not/found HTTP/1.0
[ENTER]
[ENTER]
Fix:
MaxDB 7.0.19 supposedly should fix these problems - http://dev.mysql.com/downloads/maxdb/7.5.00.html
History:
25 May 2004 - vulnerability has been discovered by Evgeny Demidov
26 May 2004 - vulnerability details has been made available to VulnDisco clients
15 Oct 2004 - vulnerability has been reported to security@mysql.com
7 Dec 2004 - public release of the advisory
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed