Shodan
Vulnerabilities
Vulnerable Software
Mysql:  >> Maxdb  >> 7.5.00.15  Security Vulnerabilities
CVE-2006-4305
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.
CVSS Score
10.0
EPSS Score
0.74
Published
2006-08-30
CVE-2005-1274
Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
CVSS Score
10.0
EPSS Score
0.029
Published
2005-04-26
CVE-2005-0684
Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
CVSS Score
10.0
EPSS Score
0.74
Published
2005-04-25
CVE-2005-0081
MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
CVSS Score
5.0
EPSS Score
0.007
Published
2005-04-14
CVE-2005-0082
The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
CVSS Score
5.0
EPSS Score
0.006
Published
2005-04-14
CVE-2004-1168
Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header.
CVSS Score
10.0
EPSS Score
0.046
Published
2005-01-10
CVE-2004-1169
MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference.
CVSS Score
5.0
EPSS Score
0.006
Published
2005-01-10
CVE-2004-0931
MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
CVSS Score
5.0
EPSS Score
0.008
Published
2004-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved