PT-2005-4091 · Hsqldb+1 · Hsqldb+1

Andrew Christensen

Published

2005-10-23

Updated

2018-10-19

CVE-2005-3280

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Paros version 3.2.5

Description The issue allows remote attackers to gain privileges due to the use of a default password for the sa account in the underlying HSQLDB database and lack of access restriction to the local machine.

Recommendations For Paros version 3.2.5, change the default password for the sa account in the HSQLDB database and restrict access to the local machine to prevent unauthorized access.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3280

Affected Products

Hsqldb

Paros

PT-2005-4091 · Hsqldb+1 · Hsqldb+1

CVE-2005-3280

Related Identifiers

Affected Products

References · 8