Vulnerabilities > CVE-2004-1169 - Denial-Of-Service vulnerability in MaxDB

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

mysql

NVD

Published: 2005-01-10

Updated: 2017-07-11

Summary

MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference.

Vulnerable Configurations

Part	Description	Count
Application	Mysql Mysql Maxdb 7.5.00.08 Mysql Maxdb 7.5.00.11 Mysql Maxdb 7.5.00.12 Mysql Maxdb 7.5.00.14 Mysql Maxdb 7.5.00.15 Mysql Maxdb 7.5.00.16 Mysql Maxdb 7.5.00.18	7

References

http://marc.info/?l=bugtraq&m=110244542000340&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/18387