CVE-2019-13929

A vulnerability has been identified in SIMATIC IT UADM All versions V1.3. An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security...

CVE-2019-13929

A vulnerability has been identified in SIMATIC IT UADM All versions V1.3. An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security...

CVE-2019-13929

CVE-2019-13929 affects Siemens SIMATIC IT UADM (pre-1.3). A authenticated remote attacker with network access to port 1434/tcp could recover a password enabling read/write access to the related TeamCenter station, without user interaction. The root cause is use of a hard-coded cryptographic key. ...

CVE-2019-13929

A vulnerability has been identified in SIMATIC IT UADM All versions V1.3. An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security...

ICSA-19-281-04 Siemens SIMATIC IT UADM

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC IT Unified Architecture Discrete Manufacturing UADM Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability...

Microsoft SQL Server 2000 Resolution Service Heap Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts. A problem in the SQL Server Resolution Service allows a remote attacker to execute arbitrary code on a vulnerable...

[SET v5.1] The Social-Engineer Toolkit codename “Name of the Doctor”

The Social-Engineer Toolkit SET version 5.1 codename “ Name of the Doctor ” has been released. This version adds a complete rewrite of the MSSQL Bruter as well as a new attack vector utilizing the PSExec functionality within Metasploit. The MSSQL Bruter now incorporates UDP port 1434 quick...

Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit)

$Id: ms02039slammer.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Microsoft SQL Server Resolution Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft SQ...

CVE-2003-0353

CVE-2003-0353 details a Unicode buffer overflow in the SQL-DMO component of Microsoft MDAC (versions 2.5–2.7) that can be exploited by a long UDP broadcast response on port 1434, enabling remote code execution. Affected packages include MDAC 2.5/2.6/2.7 with various SPs; fixes are described in MS...

CVE-2003-0353

Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components MDAC 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434...

VulnCheck KEV: CVE-2002-0649

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 MSDE allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which 1 a 0x04 byte that causes the SQL Monitor thread to...

CVE-2002-0650

The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service bandwidth consumption via a "ping" style packet to the Resolution Service UDP port 1434 with a spoofed IP address of another SQL Server system, which causes the two servers to exchange...

CVE-2002-0649

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 MSDE allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which 1 a 0x04 byte that causes the SQL Monitor thread to generate...

Microsoft SQL Server 2000 contains heap buffer overflow in SQL Server Resolution Service

Overview Microsoft SQL Server 2000 contains a remotely exploitable heap buffer overflow that allows attackers to execute arbitrary code with the same privileges as the SQL server. Description The SQL Server Resolution Service SSRS was introduced in Microsoft SQL Server 2000 to provide referral...

Microsoft SQL Server 2000 contains stack buffer overflow in SQL Server Resolution Service

Overview Microsoft SQL Server 2000 contains a remotely exploitable stack buffer overflow that allows attackers to execute arbitrary code with the same privileges as the SQL server. Description The SQL Server Resolution Service SSRS was introduced in Microsoft SQL Server 2000 to provide referral...