Summary
| Detail | |||
|---|---|---|---|
| Vendor | 4d | First view | 2004-07-27 |
| Product | Webstar | Last view | 2005-10-05 |
| Version | Type | ||
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2005-10-05 | CVE-2005-3143 | Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2. |
| 5 | 2005-05-11 | CVE-2005-1507 | Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL. |
| 3.6 | 2004-07-27 | CVE-2004-0698 | 4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack. |
| 5 | 2004-07-27 | CVE-2004-0697 | Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information. |
| 5 | 2004-07-27 | CVE-2004-0696 | The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character. |
| 7.5 | 2004-07-27 | CVE-2004-0695 | Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command. |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 19729 | 4D WebSTAR IMAP MacOS Client Unspecified Potential DoS |
| 16154 | 4D WebSTAR Tomcat Plugin URL Remote Overflow |
| 7797 | 4D WebSTAR Symlink Local Privilege Escalation |
| 7796 | 4D WebSTAR php.ini System Information Disclosure |
| 7795 | 4D WebSTAR ShellExample.cgi Arbitrary Directory Browsing |
| 7794 | 4D WebSTAR Pre-Authentication FTP Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2005-11-03 | Name : 4D WebStar Tomcat Plugin Remote Buffer Overflow flaw File : nvt/4d_webstar_remote_buff_overflow.nasl |
| 2005-11-03 | Name : 4D WebStar Symbolic Link Vulnerability File : nvt/4d_webstar_symb_link.nasl |
| 2005-11-03 | Name : Various dangerous cgi scripts File : nvt/dangerous_cgis.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | 4DWebstar ShellExample.cgi information disclosure RuleID : 4128 - Type : SERVER-WEBAPP - Revision : 15 |
| 2014-01-10 | USER overflow attempt RuleID : 1734-community - Type : PROTOCOL-FTP - Revision : 50 |
| 2014-01-10 | USER overflow attempt RuleID : 1734 - Type : PROTOCOL-FTP - Revision : 50 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2005-05-09 | Name: The remote web server is susceptible to a remote buffer overflow attack. File: 4d_webstar_remote_buff_overflow.nasl - Type: ACT_GATHER_INFO |
| 2004-08-09 | Name: The remote FTP server is affected by a local symbolic link vulnerability. File: 4d_webstar_symb_link.nasl - Type: ACT_GATHER_INFO |
| 2004-08-03 | Name: The FTP server is affected by a buffer overflow vulnerability. File: 4d_webstar_ftp_overflow.nasl - Type: ACT_GATHER_INFO |
| 2004-08-03 | Name: The remote web server is susceptible to multiple attacks. File: 4d_webstar_information_disclosure.nasl - Type: ACT_GATHER_INFO |
| 2003-06-17 | Name: The remote web server may contain some dangerous CGI scripts. File: dangerous_cgis.nasl - Type: ACT_ATTACK |
