Bug#386182: AW: Bug#386182: CVE-2006-4305: remote arbitrary code execution

2006-09-21 Thread debian
Hi, I am trying to prepare 7.5.00.38, too, but am having difficulties getting it to compile. But I do have the changeset to fix the overflow, and if I can't get build 38 done by the week-end I will try and apply the fix against 7.5.00.34. Thanks for your effort. Martin.

Bug#386182: CVE-2006-4305: remote arbitrary code execution

2006-09-20 Thread Steinar H. Gunderson
On Tue, Sep 05, 2006 at 09:47:31PM +0200, Stefan Fritsch wrote:
> Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.

FWIW, this is also fixed in 7.5.00.38, as far as I can see. It's

Bug#386182: CVE-2006-4305: remote arbitrary code execution

2006-09-05 Thread Stefan Fritsch
Package: maxdb-webtools
Severity: critical
Tags: security

A vulnerability has been found in MaxDB (CVE-2006-4305):

Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.

See e.g.