
CVSS: 10.0 • EPSS: 36% • CPEs: 3 • EXPL: 2

16 Mar 2010 — Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from third party information. • https://www.exploit-db.com/exploits/11886 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

31 Jul 2008 — Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable. Local exploitation of an untrusted path vulnerability in the "dbmsrv" program, as distributed with SAP AG's MaxDB, allows attackers to elevate privileges to t... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=729 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 10.0 • EPSS: 89% • CPEs: 1 • EXPL: 4

12 Jan 2008 — SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe. • https://packetstorm.news/files/id/180751 • CWE-20: Improper Input Validation