[VulnWatch] Advisory: TCP-Connection risk in DB4Web
From: Stefan.Bagdohn@guardeonic.comDate: 09/19/02
- Previous message: Stefan.Bagdohn@guardeonic.com: "[VulnWatch] Advisory: File disclosure in DB4Web"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Stefan.Bagdohn@guardeonic.com To: vulnwatch@vulnwatch.org Date: Thu, 19 Sep 2002 11:01:01 +0200
Hi all. It's me again.
The application server DB4Web is able to initiate TCP connections to
arbitrary ports/IPs and can possibly misused as a portscanner. Please see
the attached advisory for deatils and vendors statement. regards, Stefan
- text/plain attachment: guardadv-02-2002-db4web-tcp-connect-bug.release.txt
- Previous message: Stefan.Bagdohn@guardeonic.com: "[VulnWatch] Advisory: File disclosure in DB4Web"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
