VID: 210005
Severity: 40
Port: 9999, ...
Protocol: TCP
Class: CGI

Detailed Description:
The MaxDB web server, according to its version number, has a buffer overflow flaw in the Web DBM component. MaxDB is a SAP-certified open-source database supporting OLTP and OLAP. SAP DB and MaxDB versions prior to 7.6.00.30 could allow a remote attacker to execute arbitrary code because of a buffer overflow vulnerability in the Web DBM component. By sending a specially crafted HTTP request from a WebDBM client to the DBM server, a remote attacker could execute arbitrary code on the system with the privileges of the 'wahttp' process.
* Note: This check relies solely on the version number of the Web DBM component installed on the remote web server to assess this vulnerability, so the result may be a false positive.
* References:
  - http://www.symantec.com/enterprise/research/SYMSA-2006-009.txt
  - http://www.securityfocus.com/archive/1/444601/30/0/threaded
* Platforms Affected:
  - MySQL: MaxDB, versions to 7.6.00.30
  - SAP AG: SAP DB, any version
  - Any operating system, any version
Recommendation:
* For MaxDB: Upgrade to the latest version of Web DBM (7.6.00.31 or later), available from the MySQL web site at http://dev.mysql.com/downloads/maxdb/7.6.00.html
* For SAP DB: Contact your vendor for patch or upgrade information: https://websmp106.sap-ag.de/~SAPIDP/002006825000000234912001E
* For Debian GNU/Linux: Upgrade to the fixed version of maxdb, as listed in Debian Security Advisory DSA-1190-1 at http://www.debian.org/security/2006/dsa-1190
Related URLs:
* CVE-2006-4305 (CVE)
* 19660 (SecurityFocus)
* 28636 (ISS)