Evgeny Demidov

#7847de 53,635
35CVSS total
Vulnerabilidades · 4
Média
1
Alta
2
Crítica
1
PT-2004-2127
10
2004-12-10
Sap · Maxdb Webtools · CVE-2004-1168
Name of the Vulnerable Software and Affected Versions: MaxDB WebTools versions 7.5.00.18 and earlier Description: A stack-based buffer overflow issue exists in the WebDav handler, allowing remote attackers to execute arbitrary code via a long Overwrite header. Recommendations: For MaxDB WebTools versions 7.5.00.18 and earlier, update to a version later than 7.5.00.18 to resolve the issue.
PT-2004-2128
5.0
2004-12-10
Sap · Maxdb Webtools · CVE-2004-1169
Name of the Vulnerable Software and Affected Versions: MaxDB WebTools versions 7.5.00.18 and earlier Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved by sending an HTTP GET request for a non-existent file, followed by two carriage returns, which leads to a NULL dereference. Recommendations: For MaxDB WebTools versions 7.5.00.18 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2004-1693
10
2004-07-23
Samba · Samba · CVE-2004-0600
**Name of the Vulnerable Software and Affected Versions** Samba versions 3.0.2 through 3.0.4 **Description** The issue is related to a buffer overflow in the Samba Web Administration Tool (SWAT) that occurs when decoding base64 data during HTTP basic authentication. This happens due to a lack of proper bounds checking, allowing a remote attacker to execute arbitrary code with a specially crafted request, resulting in a loss of integrity. **Recommendations** For Samba versions 3.0.2 through 3.0.4, consider disabling the SWAT service until a patch is available to prevent remote attackers from exploiting the buffer overflow vulnerability. Restrict access to the HTTP basic authentication mechanism to minimize the risk of exploitation.
PT-2004-1571
10
2004-05-12
Heimdal · Heimdal K5Admind · CVE-2004-0434
**Name of the Vulnerable Software and Affected Versions** Heimdal k5admind (kadmind) (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request. This is due to a heap-based buffer overflow that occurs when the framing length of the request is less than 2. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.