Vulnerability-Lookup

CVE-2004-0931 (GCVE-0-2004-0931)

Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:31

Summary

Severity

No CVSS data available.

CWE

Assigner

mitre

References

5 references

URL	Tags
http://www.osvdb.org/10532	vdb-entryx_refsource_OSVDB
http://www.secunia.com/advisories/12756	third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/11346	vdb-entryx_refsource_BID
http://www.idefense.com/application/poi/display?i…	third-party-advisoryx_refsource_IDEFENSE
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public

2004-10-06 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:48.090Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10532",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/10532"
          },
          {
            "name": "12756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://www.secunia.com/advisories/12756"
          },
          {
            "name": "11346",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11346"
          },
          {
            "name": "20041006 MySQL MaxDB Web Agent WebDBMServer Name Denial of Service Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
          },
          {
            "name": "maxdb-isascii7dos(17633)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-10-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10532",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/10532"
        },
        {
          "name": "12756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://www.secunia.com/advisories/12756"
        },
        {
          "name": "11346",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11346"
        },
        {
          "name": "20041006 MySQL MaxDB Web Agent WebDBMServer Name Denial of Service Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
        },
        {
          "name": "maxdb-isascii7dos(17633)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0931",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10532",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/10532"
            },
            {
              "name": "12756",
              "refsource": "SECUNIA",
              "url": "http://www.secunia.com/advisories/12756"
            },
            {
              "name": "11346",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11346"
            },
            {
              "name": "20041006 MySQL MaxDB Web Agent WebDBMServer Name Denial of Service Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
            },
            {
              "name": "maxdb-isascii7dos(17633)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0931",
    "datePublished": "2005-01-19T05:00:00.000Z",
    "dateReserved": "2004-10-04T00:00:00.000Z",
    "dateUpdated": "2024-08-08T00:31:48.090Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2004-0931",
      "date": "2026-06-24",
      "epss": "0.01831",
      "percentile": "0.76108"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2635818-D83B-4C7A-9693-4EB202DA16AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D28E5409-B8F1-4A9E-9A1E-0B023E5190DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67E23371-678E-476B-B067-FCD655861CE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C6C9B28-F515-4F47-83F6-F2D4164B8D83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"160A9738-B169-4022-85BC-14B0BBFD1C01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8442206-133D-4048-8064-D5724FDF0E04\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.\"}]",
      "id": "CVE-2004-0931",
      "lastModified": "2024-11-20T23:49:42.737",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2004-12-31T05:00:00.000",
      "references": "[{\"url\": \"http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/10532\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.secunia.com/advisories/12756\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/11346\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/17633\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/10532\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.secunia.com/advisories/12756\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/11346\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/17633\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-0931\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-12-31T05:00:00.000\",\"lastModified\":\"2026-04-16T00:27:16.627\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2635818-D83B-4C7A-9693-4EB202DA16AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D28E5409-B8F1-4A9E-9A1E-0B023E5190DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E23371-678E-476B-B067-FCD655861CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C6C9B28-F515-4F47-83F6-F2D4164B8D83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"160A9738-B169-4022-85BC-14B0BBFD1C01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8442206-133D-4048-8064-D5724FDF0E04\"}]}]}],\"references\":[{\"url\":\"http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/10532\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.secunia.com/advisories/12756\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/11346\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/17633\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/10532\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.secunia.com/advisories/12756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/11346\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/17633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2004-0931

Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2026-06-16 22:06

Severity

Summary

References

URL	Tags
cve@mitre.org	http://www.idefense.com/application/poi/display?id=150&type=vulnerabilities&flashstatus=false
cve@mitre.org	http://www.osvdb.org/10532
cve@mitre.org	http://www.secunia.com/advisories/12756	Patch
cve@mitre.org	http://www.securityfocus.com/bid/11346	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17633
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/application/poi/display?id=150&type=vulnerabilities&flashstatus=false
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/10532
af854a3a-2127-422b-91ae-364da2661108	http://www.secunia.com/advisories/12756	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11346	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17633

Impacted products

Vendor	Product	Version
mysql	maxdb	7.5.00.08
mysql	maxdb	7.5.00.11
mysql	maxdb	7.5.00.12
mysql	maxdb	7.5.00.14
mysql	maxdb	7.5.00.15
mysql	maxdb	7.5.00.16

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "cve@mitre.org"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2635818-D83B-4C7A-9693-4EB202DA16AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28E5409-B8F1-4A9E-9A1E-0B023E5190DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "67E23371-678E-476B-B067-FCD655861CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6C9B28-F515-4F47-83F6-F2D4164B8D83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "160A9738-B169-4022-85BC-14B0BBFD1C01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8442206-133D-4048-8064-D5724FDF0E04",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function."
    }
  ],
  "id": "CVE-2004-0931",
  "lastModified": "2026-06-16T22:06:41.423",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/10532"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.secunia.com/advisories/12756"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11346"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/10532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.secunia.com/advisories/12756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-79C5-QMPH-7GHJ

Vulnerability from github – Published: 2022-04-29 02:58 – Updated: 2022-04-29 02:58

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-0931"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.",
  "id": "GHSA-79c5-qmph-7ghj",
  "modified": "2022-04-29T02:58:38Z",
  "published": "2022-04-29T02:58:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0931"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
    },
    {
      "type": "WEB",
      "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/10532"
    },
    {
      "type": "WEB",
      "url": "http://www.secunia.com/advisories/12756"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/11346"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2004-0931

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2004-0931

Aliases

CVE-2004-0931

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2004-0931",
    "description": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.",
    "id": "GSD-2004-0931"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2004-0931"
      ],
      "details": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.",
      "id": "GSD-2004-0931",
      "modified": "2023-12-13T01:22:55.008415Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2004-0931",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "10532",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/10532"
          },
          {
            "name": "12756",
            "refsource": "SECUNIA",
            "url": "http://www.secunia.com/advisories/12756"
          },
          {
            "name": "11346",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/11346"
          },
          {
            "name": "20041006 MySQL MaxDB Web Agent WebDBMServer Name Denial of Service Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
          },
          {
            "name": "maxdb-isascii7dos(17633)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0931"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "11346",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/11346"
            },
            {
              "name": "10532",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/10532"
            },
            {
              "name": "12756",
              "refsource": "SECUNIA",
              "tags": [
                "Patch"
              ],
              "url": "http://www.secunia.com/advisories/12756"
            },
            {
              "name": "20041006 MySQL MaxDB Web Agent WebDBMServer Name Denial of Service Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [],
              "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
            },
            {
              "name": "maxdb-isascii7dos(17633)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-11T01:30Z",
      "publishedDate": "2004-12-31T05:00Z"
    }
  }
}

VAR-200412-1126

Vulnerability from variot - Updated: 2023-12-18 11:20

MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function. A remotely exploitable denial of service vulnerability exists in MaxDB. This will reportedly trigger an exception due to an assert directive failing, resulting in a denial of service condition in the web agent. This issue was reportedly tested on Windows and Linux versions. Other versions could also be affected. MySQL MaxDB Web Agent WebDBM Server Name Denial of Service Vulnerability

iDEFENSE Security Advisory 10.06.04a: www.idefense.com/application/poi/display?id=150&type=vulnerabilities October 6, 2004

I. BACKGROUND

MaxDB by MySQL is a re-branded and enhanced version of SAP DB, SAP AG's open source database. MaxDB is a heavy-duty, SAP-certified open source database that offers high availability, scalability and a comprehensive feature set. MaxDB complements the MySQL database server, targeted for large mySAP ERP environments and other applications that require maximum enterprise-level database functionality.

II.

The problem specifically exists due to improper input validation of a user-supplied variable in the IsAscii7() function.

wahttp:
ToolsCommon/Tools_DynamicUTF8String.hpp:249:
Tools_DynamicUTF8String::Tools_DynamicUTF8String(const SAPDB_Char *)
Assertion `IsAscii7(src)' failed.

Program received signal SIGABRT, Aborted. 
[Switching to Thread 10251 (LWP 12706)]
0x40429781 in kill () from /lib/libc.so.6

III.

IV. DETECTION

iDEFENSE has confirmed that SAP DB version 7.5 for both Linux and Windows is vulnerable.

V. WORKAROUND

Use of an ingress perimeter firewall filter can help detect and mitigate the risk of attack.

VI. VENDOR RESPONSE

"A solution for the issue is available with MaxDB 7.5.00.18."

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the names CAN-2004-0931 to these issues. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

08/16/2004 Initial vendor notification 08/16/2004 iDEFENSE clients notified 08/19/2004 Initial vendor response 10/06/2004 Coordinated public disclosure

IX. CREDIT

Patrik Karlsson (cqure.net) is credited with this discovery.

Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp

X. LEGAL NOTICES

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200412-1126",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "maxdb",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "mysql",
        "version": "7.5.00.15"
      },
      {
        "model": "maxdb",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "mysql",
        "version": "7.5.00.12"
      },
      {
        "model": "maxdb",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "mysql",
        "version": "7.5.00.14"
      },
      {
        "model": "maxdb",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "mysql",
        "version": "7.5.00.08"
      },
      {
        "model": "maxdb",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "mysql",
        "version": "7.5.00.11"
      },
      {
        "model": "maxdb",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "mysql",
        "version": "7.5.00.16"
      },
      {
        "model": "db",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.5"
      },
      {
        "model": "ab maxdb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mysql",
        "version": "7.5.00.16"
      },
      {
        "model": "ab maxdb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mysql",
        "version": "7.5.00.15"
      },
      {
        "model": "ab maxdb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mysql",
        "version": "7.5.00.14"
      },
      {
        "model": "ab maxdb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mysql",
        "version": "7.5.00.12"
      },
      {
        "model": "ab maxdb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mysql",
        "version": "7.5.00.11"
      },
      {
        "model": "ab maxdb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mysql",
        "version": "7.5.00.08"
      },
      {
        "model": "ab maxdb",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "mysql",
        "version": "7.5.00.18"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "11346"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovery is credited to Patrik Karlsson.",
    "sources": [
      {
        "db": "BID",
        "id": "11346"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2004-0931",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-0931",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200412-644",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function. A remotely exploitable denial of service vulnerability exists in MaxDB. \nThis will reportedly trigger an exception due to an assert directive failing, resulting in a denial of service condition in the web agent. \nThis issue was reportedly tested on Windows and Linux versions.  Other versions could also be affected. MySQL MaxDB Web Agent WebDBM Server Name Denial of Service Vulnerability\n\niDEFENSE Security Advisory 10.06.04a:\nwww.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\nOctober 6, 2004\n\nI. BACKGROUND\n\nMaxDB by MySQL is a re-branded and enhanced version of SAP DB, SAP AG\u0027s\nopen source database. MaxDB is a heavy-duty, SAP-certified open source\ndatabase that offers high availability, scalability and a comprehensive\nfeature set. MaxDB complements the MySQL database server, targeted for\nlarge mySAP ERP environments and other applications that require maximum\nenterprise-level database functionality. \n\nII. \n\nThe problem specifically exists due to improper input validation of a\nuser-supplied variable in the IsAscii7() function. \n\n    wahttp:\n    ToolsCommon/Tools_DynamicUTF8String.hpp:249:\n    Tools_DynamicUTF8String::Tools_DynamicUTF8String(const SAPDB_Char *)\n    Assertion `IsAscii7(src)\u0027 failed. \n\n    Program received signal SIGABRT, Aborted. \n    [Switching to Thread 10251 (LWP 12706)]\n    0x40429781 in kill () from /lib/libc.so.6\n\nIII. \n\nIV. DETECTION\n\niDEFENSE has confirmed that SAP DB version 7.5 for both Linux and\nWindows is vulnerable. \n\nV. WORKAROUND\n\nUse of an ingress perimeter firewall filter can help detect and mitigate\nthe risk of attack. \n\nVI. VENDOR RESPONSE\n\n\"A solution for the issue is available with MaxDB 7.5.00.18.\"\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nnames CAN-2004-0931 to these issues. This is a candidate for inclusion\nin the CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n08/16/2004   Initial vendor notification\n08/16/2004   iDEFENSE clients notified\n08/19/2004   Initial vendor response\n10/06/2004   Coordinated public disclosure\n\nIX. CREDIT\n\nPatrik Karlsson (cqure.net) is credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nX. LEGAL NOTICES\n\nCopyright (c) 2004 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.netsys.com/full-disclosure-charter.html\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "db": "BID",
        "id": "11346"
      },
      {
        "db": "PACKETSTORM",
        "id": "34608"
      }
    ],
    "trust": 1.26
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2004-0931",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "11346",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "12756",
        "trust": 1.6
      },
      {
        "db": "OSVDB",
        "id": "10532",
        "trust": 1.6
      },
      {
        "db": "IDEFENSE",
        "id": "20041006 MYSQL MAXDB WEB AGENT WEBDBMSERVER NAME DENIAL OF SERVICE VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "7",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "17633",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "34608",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "11346"
      },
      {
        "db": "PACKETSTORM",
        "id": "34608"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ]
  },
  "id": "VAR-200412-1126",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.1359447
  },
  "last_update_date": "2023-12-18T11:20:40.817000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities\u0026flashstatus=false"
      },
      {
        "trust": 1.6,
        "url": "http://www.osvdb.org/10532"
      },
      {
        "trust": 1.6,
        "url": "http://www.secunia.com/advisories/12756"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/11346"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17633"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/17633"
      },
      {
        "trust": 0.4,
        "url": "http://www.idefense.com/application/poi/display?id=150\u0026type=vulnerabilities"
      },
      {
        "trust": 0.3,
        "url": "http://www.mysql.com/products/maxdb/"
      },
      {
        "trust": 0.1,
        "url": "http://lists.netsys.com/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.idefense.com/poi/teams/vcp.jsp"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0931"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org),"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "11346"
      },
      {
        "db": "PACKETSTORM",
        "id": "34608"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "11346"
      },
      {
        "db": "PACKETSTORM",
        "id": "34608"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-10-07T00:00:00",
        "db": "BID",
        "id": "11346"
      },
      {
        "date": "2004-10-13T05:40:14",
        "db": "PACKETSTORM",
        "id": "34608"
      },
      {
        "date": "2004-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "date": "2004-12-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-07-12T07:06:00",
        "db": "BID",
        "id": "11346"
      },
      {
        "date": "2017-07-11T01:30:35.307000",
        "db": "NVD",
        "id": "CVE-2004-0931"
      },
      {
        "date": "2006-03-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "34608"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "MySQL MaxDB WebDBM Server Name Service Rejection Vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-644"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2004-0931 (GCVE-0-2004-0931)

FKIE_CVE-2004-0931

GHSA-79C5-QMPH-7GHJ

GSD-2004-0931

VAR-200412-1126

Tags

Sightings

Nomenclature