CVE-2001-1127
published 2001-10-05CVE-2001-1127: Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx…
PriorityP426high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
2.37%
81.7th percentile
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | progress | — | — |
| progress | progress | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Progress Database 9.1 - sqlcpp Local Buffer Overflow
exploitdb·2002-03-22
CVE-2001-1127 Progress Database 9.1 - sqlcpp Local Buffer Overflow
Progress Database 9.1 - sqlcpp Local Buffer Overflow
---
// source: https://www.securityfocus.com/bid/4402/info
Progress is a commercial database for Microsoft Windows and Unix systems.
A buffer overflow has been reported in the sqlcpp program included with Progress, used as a SQL preprocessor. Execution of arbitrary code is possible.
This issue has been reported to affect Unix systems. This vulnerability may also exist under Windows, this has not however been confirmed.
/*
* Yet another Progress Database exploit (version ??)
*
* The vulnerability was found by KF / Snosoft (http://www.snosoft.com)
* Exploit coded up by The Itch / Promisc (http://www.promisc.org)
*
* This exploit was developed on the Snosoft vulnerability research machines
* mail [email protected] if you are intere
Exploit-DB
Progress Database 8.3/9.1 - Multiple Buffer Overflows
exploitdb·2001-10-05
CVE-2001-1127 Progress Database 8.3/9.1 - Multiple Buffer Overflows
Progress Database 8.3/9.1 - Multiple Buffer Overflows
---
source: https://www.securityfocus.com/bid/3404/info
Progress is a commercial database for Microsoft Windows and Unix systems.
Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to insufficient bounds checking of data which is externally supplied to strcpy functions.
These problems could be exploited to allow a local attacker to execute arbitrary code on a host with the privileges of each individual affected program.
This situation could be leveraged by the attacker to gain root privileges on the host.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21117.tar
No writeups or analysis indexed.
2001-10-05
Published