Discussions tagged Security
Dear Appeon:
There is another security issue to ask your advice, Is there any way for Powerbuiilder to prevent code injection by marking memory regions as non-executable? as we known ASLR, DEP, and SafeSEH are considered best practices for all devel...
Hello everyone!Do you know if it still makes sense (PB 2022 R3) to apply this security when our C/S app runs on Windows 10/11?I have never used it and I want to see in which case I would use it.
I would like to know if this configuration has a signi...
SSL Pinning for powerserver application
- Resolved
- How-to
- Last updated 5 months ago
- Logan Liu @Appeon replied 5 months ago
Hi team,
Powerserver deployed application undergone for VA/PT process and observed that SSL pinning to be enabled in application, how we can do this? any guide help us
Below is the observation
Vulnerability: Application is vulnerable to MITM Attac...
Alternative to GetFileOpenName() and GetFileSaveName()
- Resolved
- Advice
- Last updated 1 year ago
- Tim Ford replied 9 months ago
Short of writing a custom interface, can anyone suggest an alternative to the PB standard functions GetFileOpenName() and GetFileSaveName()? We are wanting to let users select a file for open or save, but restrict their ability to change the folder b...
Hi Everyone,
What can be done to avoid DLL hijacking for a Powerbuilder application in a Windows environment.
Files may be signed using Microsoft sign tool but this will not protect from hijacking unless you somehow use verify to check the
files ...
Hi PB users,
With the new Security Bulletin: Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228) we start to answer our customers that they are not affected by our applications because we only use classic Powerbuilder branch and we do...
About pbdwr.pbd. Part of runtime, not digitally signed. Is it tamper proof?
- Misc
- Last updated 3 years ago
- Erwin Anema replied 3 years ago
Hi PowerBuilder community,
Currently, all PowerBuilder runtime DLL files have been signed, which is great.
Part of the PowerBuilder runtime (for PowerBuilder 2019 R3) is pbdwr.pbd.That file isn't signed as far as I can tell. Perhaps it cannot be si...
Powerbuilder app code protection, obfuscator, software licensing system tool
- Advice
- Last updated 3 years ago
- Joseph Vendra replied 2 years ago
Hello fellows, Are there tools to provide code protection, obfuscation and software system licensing for applications genertated in Powerbuilder (powerscript)?. Thanks....
Conditionally Show Fields in Form
- Resolved
- How-to
- Last updated 3 years ago
- Diane Royer replied 3 years ago
We are currently using Infomaker 2019. We have some forms that were created with Infomaker. We are adding some fields to one of these forms. However, the fields we are adding have some confidential information. As a result, we want the user to ve...
Securing a SnapDevelop ASP.NET Core 3.1 Web API
- Resolved
- How-to
- Last updated 3 years ago
- Armeen Mazda @Appeon replied 2 years ago
Are there any samples or guidance for securing a ASP.NET Core 3.1 Web API as templated by SnapDevelop?
For example, I am working from the following fine sample:
ASP.NET Core 3.1 - Simple API for Authentication, Registration and User Management | ...
Sign a xml file with a certificate (a1, a3...)
- How-to
- Last updated 3 years ago
- Govinda Lopez @Appeon replied 3 weeks ago
Hi All!
How sign a xml file with a certificate x.509?
Here we use many many xml files to exchange information between companies and we need sign with certificate x.509 (A1, A3...) these files to guarantee the security...
Is there a resource in PB ...
Using PFC Security and the Ribbon Bar
- How-to
- Last updated 4 years ago
- Armeen Mazda @Appeon replied 4 years ago
Hi all,
One of my apps uses the PFC security app to set up users, groups and access to windows, etc (I know old school right). I only use it to prevent certain users from seeing [admin] options on the menu and being able to click on them to open win...
Native PDF Metadata - Security Issue
- Issue
- Last updated 4 years ago
- Adrian Parker replied 4 years ago
We've just had a security review and one thing that has been highlighted as important is that the PDFs generated by Powerbuilder PDFLib contain metadata.. which in of itself is okay, but one of the elements is the name of the windows user who created...
Convert Powerbuilder 2019 to C/C++/C# for Security Code Scan
- Resolved
- How-to
- Last updated 4 years ago
- Michael Kramer replied 4 years ago
Hello All,
We have our applications on Powerbuilder 2019. Due to third party requirement, we need to scan our code for vulnerabilities using any 'Source code Analysis tools' and generate report. I didn't find any tool for PB scripts.
Can anyone kin...
Risks of keeping apps on Power Builder 10.x /12.x platform
- Advice
- Last updated 4 years ago
- Armeen Mazda @Appeon replied 4 years ago
We have number of applications in Power Builder 10.x and 12.x with SQL server as back end database using ODBC connections. These are built using Power builder Classic. I know PB 10.x/12.x is not supported anymore. I need an advice from experts on wha...
How do you configure SSL to Sybase ASE database
- How-to
- Last updated 4 years ago
- Greg Harbutt replied 3 years ago
Can someone please provide guidance on how to configure a database connection to use SSL to a Sybase ASE database? I need to know how to connect from both the Powerbuilder IDE and, separately, from a client/server application.
We are currently usin...
Hello,
I'm trying to understand security for a PowerServer deployment when used to deploy a traditional Powerbuilder (classic) application.
Is there good documentation that I could read, and could be shown to security architects?
In particular, I'...
SQL sentences present in memory
- Resolved
- How-to
- Last updated 5 years ago
- David Peace (Powersoft) replied 5 years ago
Hi everyone, currently I'm using PowerBuilder 2017 connected to Oracle 19C. During some audit test of my app I received some notifications about my tool.
When I have SQL scripts embedded in my code, if I run the tool and test the memory, those scrip...
EditMask issue in PowerBuilder 12.5 Classic application when not an Admin user
- Issue
- Last updated 6 years ago
- Olan Knight replied 6 years ago
I have a client running a Powerbuilder 12.5 Classic application on Windows 10 workstations and for some reason they are unable to type or tab into any editmask fields unless they run the application as an administrator. This client has their UAC max...
Powerbuilder and Security
- Resolved
- Misc
- Last updated 6 years ago
- Christophe Dufourmantelle replied 3 years ago
Does anyone know of any tools that might be able to analyze a Powerbuilder classic app for potential security vulnerabilities? Sort of like an HP Fortify for native Powerscript? I saw an answer to a similar question that it may be possible with cer...
- Page :
- 1