4530 matches found
Microsoft SQL Server Generic Query from File
This module will allow for multiple SQL queries contained within a specified file to be executed against a Microsoft SQL MSSQL Server instance, given the appropriate credentials. This module requires Metasploit: https://metasploit.com/download Current source:...
Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
SwaggSec gained access to China Telecom and Warner Bros
SwaggSec gained access to China Telecom and Warner Bros A hacking group is claiming to have breached the networks of Warner Bros. and China Telecom, releasing documents and publishing login credentials. Swagg Security, or SwaggSec, the same hacker collective that breached Foxconn a few months ago...
DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection
Title ----- DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection Severity -------- High Date Discovered --------------- April 12, 2012 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Chris Graham and r@b13$ Vulnerability Description...
High CPU Utilization for Veeam ONE SQL Database
Challenge When using the included Microsoft SQL Server Express Edition instance to host the Veeam ONE database, a portion of the total CPU cores available to the system have a disproportionality high CPU utilization. Cause This behavior is caused by the "Maximum compute capacity used by a single...
How to Migrate the Veeam ONE Database
Article Applicability This article is specifically about relocating the Veeam ONE database to a different Microsoft SQL Server Instance and the Veeam ONE deployment remaining on the same machine. For information about relocating the Veeam ONE deployment, review: KB1801: How to Migrate Veeam ONE...
Siemens WinCC Insecure SQL Server Authentication
Overview Siemens has released a software update for an insecure SQL server authentication vulnerability in Siemens’ SIMATIC WinCC and SIMATIC PCS 7 software. Previous versions of SIMATIC WinCC use default SQL server credentials that allowed administrative access to the database. The default...
Fedora Update for gallery2 FEDORA-2012-5814
Check for the Version of gallery2 OpenVAS Vulnerability Test Fedora Update for gallery2 FEDORA-2012-5814 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 15 Update: gallery2-2.3.2-1.fc15
The base Gallery 2 installation - the equivalent of upstream's -minimal package. This package requires a database to be operational. Acceptable database backends include MySQL v 3.x, MySQL v 4.x, PostgreSQL v 7.x, PostgreSQL v 8.x, Oracle 9i, Oracle 10g, DB2, and MS SQL Server. All given package...
[SECURITY] Fedora 16 Update: gallery2-2.3.2-1.fc16
The base Gallery 2 installation - the equivalent of upstream's -minimal package. This package requires a database to be operational. Acceptable database backends include MySQL v 3.x, MySQL v 4.x, PostgreSQL v 7.x, PostgreSQL v 8.x, Oracle 9i, Oracle 10g, DB2, and MS SQL Server. All given package...
TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Privilege escalation via internal sql injection in RESTORE DATABASE command. Risk Level: Medium Affected versions: Microsoft SQL Server 2005, 2008, 2008 R2 Remote exploitable: Yes Credits: This vulnerability wa...
Microsoft SQL Server privilege escalation
Privilege escalation via RESTORE DATABASE...
[SECURITY] Fedora 17 Update: gallery2-2.3.2-2.fc17
The base Gallery 2 installation - the equivalent of upstream's -minimal package. This package requires a database to be operational. Acceptable database backends include MySQL v 3.x, MySQL v 4.x, PostgreSQL v 7.x, PostgreSQL v 8.x, Oracle 9i, Oracle 10g, DB2, and MS SQL Server. All given package...
金蝶某软件存在某隐藏sqlserver账户
简要描述: 金蝶某软件存在某隐藏sqlserver账户,SA权限,对数据库服务器有严重威胁。 详细说明: 金蝶某软件存在某隐藏sqlserver账户,SA权限,对数据库服务器有严重威胁。 漏洞证明:...
Microsoft's April Security Update : Patch MS12-027 Now !
This month Microsoft released a total of six new security bulletins, but one in particular deals with a zero-day vulnerability impacting virtually every Microsoft user, which is already being exploited in the wild. Four of the six security bulletins are rated as Critical by Microsoft, with the...
Microsoft SQL Server Privilege Escalation / SQL Injection
No description provided by source. AppSecInc Team SHATTER Security Advisory Privilege escalation via internal sql injection in RESTORE DATABASE command. Risk Level: Medium Affected versions: Microsoft SQL Server 2005, 2008, 2008 R2 Remote exploitable: Yes Credits: This vulnerability was discovere...
MS12-027: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
A memory corruption issue exists in Windows common controls, specifically within the MSCOMCTL.TreeView, MSCOMCTL.ListView2, MSCOMCTL.TreeView2, and MSCOMCTL.ListView controls component of MSCOMCTL.OCX, due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can...
Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
This host is missing a critical security update according to Microsoft Bulletin MS12-027. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...