CVE-2015-9098

In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is connecting to these machines using an...

XenMobile Server is in recovery mode "application failed to start"

Could be observed in multiple scenarios 1. Unable to access one of the node in the cluster. 2. Server went into recovery mode while upgrading or applying patch 3. Server went into recovery mode when the database is not accessible 4. SQLserverran out of space for log drive Node in recovery mode an...

Veeam Explorer for SQL (VESQL): Unable to pass current account's context to the mount server

Challenge When attempting to restore a database using Veeam Explorer for Microsoft SQL Server with the "Use current account" option, the following error occurs: Access is denied: unable to pass current account's context to the mount server, please supply credentials and try again. Cause Veeam...

Introducing RubySMB: The Protocol Library Nobody Else Wanted To Write

The Server Message Block SMB protocol family is arguably one of the most important network protocols to be conversant in as a security professional. It carries the capability for File and Print Sharing, remote process execution, and an entire system of Named Pipes that serve as access points to a...

Firebird SQL Server for Linux Installed (credentialed check)

Firebird SQL Server, an open source database server, is installed on the remote Linux host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid99133; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/05/24"; scriptxrefname:"IAVT",...

Firebird SQL Server for Linux 2.5.x < 2.5.7 / 3.0.x < 3.0.2 UDF Libraries RCE

The version of Firebird SQL Server for Linux installed on the remote host is 2.5.x prior to 2.5.7 or 3.0.x prior to 3.0.2. It is, therefore, affected by a flaw in the UDF component due to insufficient restrictions on access to external functions by the symbols of the UDF library. An authenticated...

List of hotfixes and updates that are contained in System Center Configuration Manager 2007 Service Pack 2

Lists Microsoft Knowledge Base KB articles that describe the hotfixes and updates that are contained in Microsoft System Center Configuration Manager 2007 Service Pack 2 SP2.INTRODUCTIONThis article lists Microsoft Knowledge Base KB articles that describe the hotfixes and updates that are contain...

Firebird - Relational Database CNCT Group Number Buffer Overflow Exploit

Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Firebird Relational Database CNCT Group Number Buffer Overflow',...

MySQL: Multiple vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly escalat...

Microsoft SQL Server Clr Stored Procedure Payload Execution Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Microsoft SQL Server Clr Stored Procedure Payload Execution',...

Microsoft SQL Server Clr Stored Procedure Payload Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Microsoft SQL Server Clr Stored Procedure Payload Execution', 'Description' = %q This module executes an arbitrary native paylo...

Microsoft SQL Server Clr Stored Procedure Payload Execution

This module executes an arbitrary native payload on a Microsoft SQL server by loading a custom SQL CLR Assembly into the target SQL installation, and calling it directly with a base64-encoded payload. The module requires working credentials in order to connect directly to the MSSQL Server. This...

Update Rollup 12 for System Center 2012 R2 Virtual Machine Manager

Update Rollup 12 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 12 for Microsoft System Center 2012 R2 Virtual Machine Manager. There are three updates available for System Center 2012 R2 Virtual Machine Manager: on...

Default Credentials Found in Schneider Electric Wonderware Historian

The Industrial Control System Cyber Emergency Response Team ICS-CERT on Tuesday published an advisory warning of a critical vulnerability in Schneider Electric Wonderware Historian, a platform used to capture, store and manage big data. The vulnerability, CVE-2017-5155, can be exploited to target...

Microsoft Dynamics CRM 2011 Update Rollup 15

Microsoft Dynamics CRM 2011 Update Rollup 15 We have identified a compatibility issue that occurs when you use the Microsoft Dynamics CRM 2011 Client for Outlook with Update Rollup 15 applied against a Dynamics CRM 2013 server. This issue does not affect Dynamics CRM 2011 servers. A new Update...

Schneider Electric Wonderware Historian

CVSS V3 7.3 ATTENTION: Remotely exploitable/Low skill level to exploit Vendor: Schneider Electric Equipment: Wonderware Historian Vulnerability: Credentials Management AFFECTED PRODUCTS The following Wonderware Historian versions are affected: Wonderware Historian 2014 R2 SP1 P01 and earlier...

MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 QFE: August 14, 2012

MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 QFE: August 14, 2012 View products that this article applies to.Microsoft has released the security bulletin MS12-060. You can view the complete security bulletin by going to of the following Microsoft websites: Home...

MS15-058: Description of the nonsecurity update for SQL Server 2014 Service Pack 1 GDR: July 14, 2015

MS15-058: Description of the nonsecurity update for SQL Server 2014 Service Pack 1 GDR: July 14, 2015 Summary Microsoft has released security bulletin MS15-058. However, Microsoft SQL Server 2014 Service Pack 1 is not affected by the vulnerabilities that are discussed in this bulletin. But, it is...

Description of Update Rollup 1 for System Center 2012 R2 Virtual Machine Manager

Description of Update Rollup 1 for System Center 2012 R2 Virtual Machine Manager Summary This article contains a complete description of all changes in Update Rollup 1 for Microsoft System Center 2012 R2 Virtual Machine Manager. Important It is imperative that you review the installation...

MS14-044: Description of the security update for SQL Server 2008 SP3 (GDR): August 12, 2014

MS14-044: Description of the security update for SQL Server 2008 SP3 GDR: August 12, 2014 INTRODUCTION Microsoft has released security bulletin MS14-044. To learn more about this security bulletin: Home users: https://www.microsoft.com/security/pc-security/updates.aspxSkip the details: Download t...