CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 3CVE-2003-0449 – Progress Database 9.1 - Environment Variable Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0449
Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent. Progress Database 9.1 a 9.1D06 se confia en la entrada del usuario para cargar librerias usando dlopen, lo que permite a usarios locales ganar privilegios mediante una variable de entorno PATH que apunta a las librerías maliciosas, como ha sido demostrado usando libjutil.so en _proapsv, o el parámetro de línea de comandos -installdir, como ha sido demostrado usando librocket_r.so en _dbagent. • https://www.exploit-db.com/exploits/22773 http://marc.info/?l=bugtraq&m=105561134624665&w=2 http://marc.info/?l=bugtraq&m=105561189625082&w=2 http://www.secnetops.com/research/advisories/SRT2003-06-13-0945.txt http://www.secnetops.com/research/advisories/SRT2003-06-13-1009.txt •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0CVE-2002-0826
https://notcve.org/view.php?id=CVE-2002-0826
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command. • http://www.atstake.com/research/advisories/2002/a080802-1.txt http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html http://www.iss.net/security_center/static/9794.php http://www.securityfocus.com/bid/5427 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1129
https://notcve.org/view.php?id=CVE-2001-1129
Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable. • http://www.securityfocus.com/archive/1/224395 http://www.securityfocus.com/bid/3502 https://exchange.xforce.ibmcloud.com/vulnerabilities/7457 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1128
https://notcve.org/view.php?id=CVE-2001-1128
Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the (1) PROMSGS or (2) PROTERMCAP environment variables. • http://www.securityfocus.com/archive/1/219174 http://www.securityfocus.com/bid/3414 https://exchange.xforce.ibmcloud.com/vulnerabilities/7264 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2CVE-2001-1127 – Progress Database 8.3/9.1 - Multiple Buffer Overflows
https://notcve.org/view.php?id=CVE-2001-1127
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump. • https://www.exploit-db.com/exploits/21117 https://www.exploit-db.com/exploits/21359 http://www.securityfocus.com/archive/1/218833 http://www.securityfocus.com/bid/3404 https://exchange.xforce.ibmcloud.com/vulnerabilities/7236 •