cvelistv5 - cve-2008-0307

cve-2008-0307

Vulnerability from cvelistv5

Published

2008-03-11 23:00

Modified

2024-08-07 07:39

Severity ?

Summary

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669
cve@mitre.org	http://secunia.com/advisories/29312	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/28183
cve@mitre.org	http://www.securitytracker.com/id?1019571
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0844/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/41107
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29312	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28183
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019571
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0844/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41107

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:39:34.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "maxdb-vserver-code-execution(41107)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
          },
          {
            "name": "20080310 SAP MaxDB Signedness Error Heap Corruption Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
          },
          {
            "name": "28183",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28183"
          },
          {
            "name": "ADV-2008-0844",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0844/references"
          },
          {
            "name": "29312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29312"
          },
          {
            "name": "1019571",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019571"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "maxdb-vserver-code-execution(41107)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
        },
        {
          "name": "20080310 SAP MaxDB Signedness Error Heap Corruption Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
        },
        {
          "name": "28183",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28183"
        },
        {
          "name": "ADV-2008-0844",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0844/references"
        },
        {
          "name": "29312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29312"
        },
        {
          "name": "1019571",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019571"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0307",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "maxdb-vserver-code-execution(41107)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
            },
            {
              "name": "20080310 SAP MaxDB Signedness Error Heap Corruption Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
            },
            {
              "name": "28183",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28183"
            },
            {
              "name": "ADV-2008-0844",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0844/references"
            },
            {
              "name": "29312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29312"
            },
            {
              "name": "1019571",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019571"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0307",
    "datePublished": "2008-03-11T23:00:00",
    "dateReserved": "2008-01-16T00:00:00",
    "dateUpdated": "2024-08-07T07:39:34.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:maxdb:7.6.0.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75C1FA85-049A-4324-9E18-7C41017B84EE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.\"}, {\"lang\": \"es\", \"value\": \"Error de presencia de signo en entero en vserver en SAP MaxDB 7.6.0.37, y posiblemente otras versiones permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante vectores no especificados que disparan una corrupci\\u00f3n de pila.\"}]",
      "id": "CVE-2008-0307",
      "lastModified": "2024-11-21T00:41:38.243",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-03-11T23:44:00.000",
      "references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/29312\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/28183\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1019571\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0844/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41107\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/29312\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/28183\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1019571\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0844/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41107\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-189\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0307\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-03-11T23:44:00.000\",\"lastModified\":\"2024-11-21T00:41:38.243\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.\"},{\"lang\":\"es\",\"value\":\"Error de presencia de signo en entero en vserver en SAP MaxDB 7.6.0.37, y posiblemente otras versiones permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados que disparan una corrupci\u00f3n de pila.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:maxdb:7.6.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75C1FA85-049A-4324-9E18-7C41017B84EE\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/28183\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1019571\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0844/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41107\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/28183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019571\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0844/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2008-0307

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

Aliases

CVE-2008-0307

Aliases

CVE-2008-0307

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0307",
    "description": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.",
    "id": "GSD-2008-0307"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0307"
      ],
      "details": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.",
      "id": "GSD-2008-0307",
      "modified": "2023-12-13T01:22:58.712896Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-0307",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "maxdb-vserver-code-execution(41107)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
          },
          {
            "name": "20080310 SAP MaxDB Signedness Error Heap Corruption Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
          },
          {
            "name": "28183",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/28183"
          },
          {
            "name": "ADV-2008-0844",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0844/references"
          },
          {
            "name": "29312",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29312"
          },
          {
            "name": "1019571",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019571"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:maxdb:7.6.0.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0307"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080310 SAP MaxDB Signedness Error Heap Corruption Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
            },
            {
              "name": "28183",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/28183"
            },
            {
              "name": "1019571",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019571"
            },
            {
              "name": "29312",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29312"
            },
            {
              "name": "ADV-2008-0844",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0844/references"
            },
            {
              "name": "maxdb-vserver-code-execution(41107)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:29Z",
      "publishedDate": "2008-03-11T23:44Z"
    }
  }
}

ghsa-25xv-g2pj-97p3

Vulnerability from github

Published

2022-05-01 23:28

Modified

2022-05-01 23:28

Details

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0307"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-03-11T23:44:00Z",
    "severity": "HIGH"
  },
  "details": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.",
  "id": "GHSA-25xv-g2pj-97p3",
  "modified": "2022-05-01T23:28:58Z",
  "published": "2022-05-01T23:28:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0307"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29312"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/28183"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019571"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0844/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption. SAP MaxDB is prone to a heap-based memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Successfully exploiting this issue will compromise the affected application and possibly the underlying computer. This issue affects MaxDB 7.6.0.37 running on the Linux operating system. Other versions running on different platforms may also be affected. The new version includes many new and advanced features, which makes it even easier to stay patched.

Download and test it today: https://psi.secunia.com/

Read more about this new version: https://psi.secunia.com/?page=changelog

TITLE: MaxDB Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA29312

VERIFY ADVISORY: http://secunia.com/advisories/29312/

CRITICAL: Highly critical

IMPACT: Privilege escalation, System access

WHERE:

From remote

SOFTWARE: MaxDB 7.x http://secunia.com/product/4012/

DESCRIPTION: Some vulnerabilities have been reported in MaxDB, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to potentially compromise a vulnerable system.

2) An error exists within the "sdbstarter" program when handling environment variables.

Successful exploitation requires that the attacker is a member of the "sdba" group.

PROVIDED AND/OR DISCOVERED BY: An anonymous researcher, reported via iDefense.

ORIGINAL ADVISORY: iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=670 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. iDefense Security Advisory 03.10.08 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 10, 2008

I. BACKGROUND

SAP's MaxDB is a database software product. MaxDB was released as open source from version 7.5 up to version 7.6.00. Later versions are no longer open source but are available for download from the SAP SDN website (sdn.sap.com) as a community edition with free community support for public use beyond the scope of SAP applications. The "vserver" program is responsible for accepting and handling communication with remote database clients. For more information, visit the product's website at the following URL.

https://www.sdn.sap.com/irj/sdn/maxdb

II.

After accepting a connection, the "vserver" process forks and reads parameters from the client into various structures. When doing so, it trusts values sent from the client to be valid. By sending a specially crafted request, an attacker can cause heap corruption. This leads to a potentially exploitable memory corruption condition.

III. In order to exploit this vulnerability, an attacker must be able to establish a TCP session on port 7210 with the target host. Additionally, the attacker must know the name of an active database on the server.

Since this service uses the fork() system call once a connection has been accepted, an attacker can repeatedly attempt to exploit this vulnerability. Some exploitation attempts may result in the database process ceasing to run, in which case further exploitation attempts will not be possible.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in SAP AG's MaxDB version 7.6.0.37 on Linux.

V. WORKAROUND

Employing firewalls to limit access to the affected service will mitigate exposure to this vulnerability.

VI. VENDOR RESPONSE

SAP AG has addressed this vulnerability by releasing a new version of MaxDB. For more information, consult SAP note 1140135.

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2008-0307 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

12/06/2007 Initial vendor notification 12/10/2007 Initial vendor response 03/10/2008 Coordinated public disclosure

IX. CREDIT

The discoverer of this vulnerability wishes to remain anonymous.

Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events http://labs.idefense.com/

X. LEGAL NOTICES

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200803-0282",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "maxdb",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "sap",
        "version": "7.6.0.37"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "28183"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:maxdb:7.6.0.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "iDEFENSE",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-0307",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2008-0307",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-0307",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200803-177",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption. SAP MaxDB is prone to a heap-based memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Successfully exploiting this issue will compromise the affected application and possibly the underlying computer. \nThis issue affects MaxDB  7.6.0.37 running on the Linux operating system. Other versions running on different platforms may also be affected. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nMaxDB Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA29312\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/29312/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nPrivilege escalation, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nMaxDB 7.x\nhttp://secunia.com/product/4012/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in MaxDB, which can be\nexploited by malicious, local users to gain escalated privileges, and\nby malicious people to potentially compromise a vulnerable system. \n\n2) An error exists within the \"sdbstarter\" program when handling\nenvironment variables. \n\nSuccessful exploitation requires that the attacker is a member of the\n\"sdba\" group. \n\nPROVIDED AND/OR DISCOVERED BY:\nAn anonymous researcher, reported via iDefense. \n\nORIGINAL ADVISORY:\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=670\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. iDefense Security Advisory 03.10.08\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nMar 10, 2008\n\nI. BACKGROUND\n\nSAP\u0027s MaxDB is a database software product. MaxDB was released as open\nsource from version 7.5 up to version 7.6.00. Later versions are no\nlonger open source but are available for download from the SAP SDN\nwebsite (sdn.sap.com) as a community edition with free community\nsupport for public use beyond the scope of SAP applications. The\n\"vserver\" program is responsible for accepting and handling\ncommunication with remote database clients. For more information, visit\nthe product\u0027s website at the following URL. \n\nhttps://www.sdn.sap.com/irj/sdn/maxdb\n\nII. \n\nAfter accepting a connection, the \"vserver\" process forks and reads\nparameters from the client into various structures. When doing so, it\ntrusts values sent from the client to be valid. By sending a specially\ncrafted request, an attacker can cause heap corruption. This leads to a\npotentially exploitable memory corruption condition. \n\nIII. In order to exploit this vulnerability, an\nattacker must be able to establish a TCP session on port 7210 with the\ntarget host. Additionally, the attacker must know the name of an active\ndatabase on the server. \n\nSince this service uses the fork() system call once a connection has\nbeen accepted, an attacker can repeatedly attempt to exploit this\nvulnerability. Some exploitation attempts may result in the database\nprocess ceasing to run, in which case further exploitation attempts\nwill not be possible. \n\nIV. DETECTION\n\niDefense has confirmed the existence of this vulnerability in SAP AG\u0027s\nMaxDB version 7.6.0.37 on Linux. \n\nV. WORKAROUND\n\nEmploying firewalls to limit access to the affected service will\nmitigate exposure to this vulnerability. \n\nVI. VENDOR RESPONSE\n\nSAP AG has addressed this vulnerability by releasing a new version of\nMaxDB. For more information, consult SAP note 1140135. \n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2008-0307 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n12/06/2007  Initial vendor notification\n12/10/2007  Initial vendor response\n03/10/2008  Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2008 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "db": "BID",
        "id": "28183"
      },
      {
        "db": "PACKETSTORM",
        "id": "64375"
      },
      {
        "db": "PACKETSTORM",
        "id": "64480"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-0307",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "28183",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "29312",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-0844",
        "trust": 1.6
      },
      {
        "db": "SECTRACK",
        "id": "1019571",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381",
        "trust": 0.8
      },
      {
        "db": "IDEFENSE",
        "id": "20080310 SAP MAXDB SIGNEDNESS ERROR HEAP CORRUPTION VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "41107",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "64375",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "64480",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "28183"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "db": "PACKETSTORM",
        "id": "64375"
      },
      {
        "db": "PACKETSTORM",
        "id": "64480"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ]
  },
  "id": "VAR-200803-0282",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.1359447
  },
  "last_update_date": "2023-12-18T13:58:13.364000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://maxdb.sap.com/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-189",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/29312"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/28183"
      },
      {
        "trust": 1.6,
        "url": "http://www.securitytracker.com/id?1019571"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2008/0844/references"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0307"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0307"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/41107"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/0844/references"
      },
      {
        "trust": 0.4,
        "url": "https://www.sdn.sap.com/irj/sdn/maxdb"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/489357"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4012/"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/?page=changelog"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=670"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/29312/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/),"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0307"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "28183"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "db": "PACKETSTORM",
        "id": "64375"
      },
      {
        "db": "PACKETSTORM",
        "id": "64480"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "28183"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "db": "PACKETSTORM",
        "id": "64375"
      },
      {
        "db": "PACKETSTORM",
        "id": "64480"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-03-10T00:00:00",
        "db": "BID",
        "id": "28183"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "date": "2008-03-12T17:55:23",
        "db": "PACKETSTORM",
        "id": "64375"
      },
      {
        "date": "2008-03-13T00:29:44",
        "db": "PACKETSTORM",
        "id": "64480"
      },
      {
        "date": "2008-03-11T23:44:00",
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "date": "2008-03-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-03-12T17:21:00",
        "db": "BID",
        "id": "28183"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      },
      {
        "date": "2017-08-08T01:29:28.430000",
        "db": "NVD",
        "id": "CVE-2008-0307"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "64480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SAP MaxDB of  vserver Integer sign error vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-005381"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-177"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2008-0307

Vulnerability from fkie_nvd

Published

2008-03-11 23:44

Modified

2024-11-21 00:41

Severity ?

Summary

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669
cve@mitre.org	http://secunia.com/advisories/29312	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/28183
cve@mitre.org	http://www.securitytracker.com/id?1019571
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0844/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/41107
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29312	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28183
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019571
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0844/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41107

Impacted products

	Vendor	Product	Version
	sap	maxdb	7.6.0.37

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sap:maxdb:7.6.0.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "75C1FA85-049A-4324-9E18-7C41017B84EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption."
    },
    {
      "lang": "es",
      "value": "Error de presencia de signo en entero en vserver en SAP MaxDB 7.6.0.37, y posiblemente otras versiones permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados que disparan una corrupci\u00f3n de pila."
    }
  ],
  "id": "CVE-2008-0307",
  "lastModified": "2024-11-21T00:41:38.243",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-11T23:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29312"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28183"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019571"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0844/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0844/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41107"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2008-0307

Vulnerability from cvelistv5

gsd-2008-0307

Vulnerability from gsd

ghsa-25xv-g2pj-97p3

Vulnerability from github

var-200803-0282

Vulnerability from variot

fkie_cve-2008-0307

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature