Package: maxdb-webtools Severity: critical Tags: security A vulnerability has been found in MaxDB (CVE-2006-4305):
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client. See e.g. http://secunia.com/advisories/21677 for details Severity critical because I assume it starts WebDBM by default ("introduces a security hole on systems where you install the package"). If this is not the case, it is only "grave". -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
