Welcome, Guest. Please login or register.
August 21, 2008, 03:25:31 PM
Home Help Search Login Register
News: We just upgraded to SMF, hope you like it!!

+  Akoss Forum
|-+  General
| |-+  Web Site Chat
| | |-+  Vulnerability in Macromedia Dreamweaver		 « previous next »
Pages: [1] Print
Author Topic: Vulnerability in Macromedia Dreamweaver  (Read 541 times)
akoss
Administrator
Full Member
*****
Offline Offline

Posts: 218


akossweb
View Profile WWW
Vulnerability in Macromedia Dreamweaver
« on: April 15, 2004, 11:17:16 AM »
Vulnerability in Macromedia Dreamweaver


Security Alert, April 14, 2004

Vulnerability in Macromedia Dreamweaver
NGSSoftware discovered that Dreamweaver by default creates and
uploads a script to test remote database connectivity (mmhttpdb.asp)
to the database-driven Web site being tested. If left on the server,
the script can let a potential attacker access the back-end database
server without supplying a user ID and password. Macromedia has
released an alert about this vulnerability.


VERSIONS AFFECTED

Dreamweaver MX 2004 (all versions)
Dreamweaver MX (all versions)
Dreamweaver UltraDev 4 (all versions)


DESCRIPTION

Dreamweaver by default creates and uploads a script to test remote database connectivity (mmhttpdb.asp) to the database-driven Web site being tested. If left on the server, the script can let a potential attacker access to the back-end database server without supplying a user ID and password.

go to this website for more info. http://www.macromedia.com/devnet/security/.../mpsb04-05.html
Logged
akoss

=^..^=
Pages: [1] Print 
« previous next »
Jump to:  


Login with username, password and session length

Powered by MySQL Powered by PHP Akoss Forum | Powered by SMF 1.0.9.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!