Summary
| Detail | |||
|---|---|---|---|
| Vendor | 4d | First view | 2004-07-27 |
| Product | Webstar | Last view | 2005-10-05 |
| Version | 5.3.2 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:4d:webstar | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2005-10-05 | CVE-2005-3143 | Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2. |
| 3.6 | 2004-07-27 | CVE-2004-0698 | 4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack. |
| 5 | 2004-07-27 | CVE-2004-0697 | Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information. |
| 5 | 2004-07-27 | CVE-2004-0696 | The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character. |
| 7.5 | 2004-07-27 | CVE-2004-0695 | Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command. |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 19729 | 4D WebSTAR IMAP MacOS Client Unspecified Potential DoS |
| 7797 | 4D WebSTAR Symlink Local Privilege Escalation |
| 7796 | 4D WebSTAR php.ini System Information Disclosure |
| 7795 | 4D WebSTAR ShellExample.cgi Arbitrary Directory Browsing |
| 7794 | 4D WebSTAR Pre-Authentication FTP Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2005-11-03 | Name : 4D WebStar Symbolic Link Vulnerability File : nvt/4d_webstar_symb_link.nasl |
| 2005-11-03 | Name : Various dangerous cgi scripts File : nvt/dangerous_cgis.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | 4DWebstar ShellExample.cgi information disclosure RuleID : 4128 - Type : SERVER-WEBAPP - Revision : 15 |
| 2014-01-10 | USER overflow attempt RuleID : 1734-community - Type : PROTOCOL-FTP - Revision : 50 |
| 2014-01-10 | USER overflow attempt RuleID : 1734 - Type : PROTOCOL-FTP - Revision : 50 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2004-08-09 | Name: The remote FTP server is affected by a local symbolic link vulnerability. File: 4d_webstar_symb_link.nasl - Type: ACT_GATHER_INFO |
| 2004-08-03 | Name: The FTP server is affected by a buffer overflow vulnerability. File: 4d_webstar_ftp_overflow.nasl - Type: ACT_GATHER_INFO |
| 2004-08-03 | Name: The remote web server is susceptible to multiple attacks. File: 4d_webstar_information_disclosure.nasl - Type: ACT_GATHER_INFO |
| 2003-06-17 | Name: The remote web server may contain some dangerous CGI scripts. File: dangerous_cgis.nasl - Type: ACT_ATTACK |
