OpenBase Buffer Overflow Vulnerability and Multiple Remote Command Execution Vulnerabilities
BID:26347
Info
OpenBase Buffer Overflow Vulnerability and Multiple Remote Command Execution Vulnerabilities
| Bugtraq ID: | 26347 |
| Class: | Unknown |
| CVE: |
CVE-2007-5926 CVE-2007-5927 CVE-2007-5928 CVE-2007-5929 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 05 2007 12:00AM |
| Updated: | Nov 20 2007 07:14PM |
| Credit: | Kevin Finisterre is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Openbase International Ltd. OpenBase 10.0.5 Openbase International Ltd. OpenBase 10.0.4 Openbase International Ltd. OpenBase 10.0.3 Openbase International Ltd. OpenBase 10.0.2 Openbase International Ltd. OpenBase 10.0.1 Openbase International Ltd. OpenBase 10.0 |
| Not Vulnerable: | |
Discussion
OpenBase Buffer Overflow Vulnerability and Multiple Remote Command Execution Vulnerabilities
OpenBase is prone to a buffer-overflow vulnerability and multiple remote command-execution vulnerabilities.
An attacker could exploit these issues to execute arbitrary code or commands with superuser privileges. Successfully exploiting these issues will facilitate in the complete compromise of affected computers.
OpenBase is prone to a buffer-overflow vulnerability and multiple remote command-execution vulnerabilities.
An attacker could exploit these issues to execute arbitrary code or commands with superuser privileges. Successfully exploiting these issues will facilitate in the complete compromise of affected computers.
Exploit / POC
OpenBase Buffer Overflow Vulnerability and Multiple Remote Command Execution Vulnerabilities
The following example exploit is available:
The following example exploit is available:
Solution / Fix
OpenBase Buffer Overflow Vulnerability and Multiple Remote Command Execution Vulnerabilities
Solution:
The vendor released an update to address these issues. Please see the references for more information.
Solution:
The vendor released an update to address these issues. Please see the references for more information.
References
OpenBase Buffer Overflow Vulnerability and Multiple Remote Command Execution Vulnerabilities
References:
References:
- OpenBase Homepage (OpenBase International, Ltd)
- OpenBase SQL Relational Database Multiple Remote Vulnerabilities (Kevin Finisterre)